On your local machine terminal, run:
ssh-keygen -t rsa -b 2048
You will be prompted to choose a passphrase for the keys as following. Please be sure to enter a passphrase. This is the password that will protect your keys. It can be a sentence with spaces between the words. Be sure to use a combination of lower and upper case letters, numbers and punctuation marks.
Generating public/private rsa key pair.
Enter file in which to save the key (/home/localuser/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter your passphrase here
On your local machine, run following command to transfer the generated public key to remote server:
scp ~/.ssh/id_rsa.pub username@remote.server:~/.ssh/temp.pub
SSH to your remote server,
ssh username@remote.server
On your remote server, append the public key to ~/.ssh/authorized_keys:
cat ~/.ssh/temp.pub >> .ssh/authorized_keys
chmod 600 .ssh/authorized_keys && rm .ssh/temp.pub
Now connecting with SSH from your local machine to remote server will now ask for a passphrase instead of a password.
You will now need to set up the SSH agent on your local computer. The SSH agent will remember your passphrase and forward your key on, securely, to your remote server.
Use ssh-add to add your passphrase to the SSH agent for the current login session.
On your local machine: run ssh-add and you will be prompted to enter your passphrase you just set up.
Within the same login session, you can now ssh to your remote server without entering the passphrase or password.
We need to configure Git to let it know who we are by setting up our name and email address.
git config --global user.name "Your Name"
git config --global user.email "Your Email"
Then we need to eanble GPG signing for Git commits and the format of the signature will be SSH keys.
git config --global commit.gpgsign true
git config --global gpg.format ssh
Then we want to tell Git to use the key we just generated locally and uploaded to GitHub.
List your public SSH keys with ssh-add -L and copy the key you just generated.
Then set our signing key in Git to the key we just copied.
git config --global user.signingkey <paste your key here>
Your commits will now be signed with your SSH key. you can test it by making a commit and checking the signature with git log --show-signature.
To sign your pushed commits on GitHub so that your commits will be marked as verified, you need to add your public SSH key to GitHub.
Login to GitHub SSH keys, copy and Paste your public key to both Authentication Keys and Signing keys.
1Password is a powerful password manager with easy-to-use auto-fill functionalities. I use it to store any sensitive documents and login credentials, to generate random passwords for all my online accounts. (no affiliation or sponsorship, just a happy user)
For students, you can get 1-year 1Password subscription via the GitHub Student Developer Pack - GitHub Education.
As an alternative method, you can generate SSH keys using 1Password or import your SSH keys from your local file (e.g. ~/.ssh/id_rsa).
1Password will generate a public key automatically and store the public and private key-pair in your 1Password vault.
Then what you need to do is quite similar with a few more steps: As tested in 1Password 8 in July 2023, these instructions will be automatically prompted in the 1Password client after you generate or import SSH keys, setting up SSH keys with 1Password is quite straightforward.
~/.ssh/config and ~/gitconfig file before you let 1Password overwrite them.)ssh or git and authorize the SSH request prompted by 1Password.Please refer to official document for a detailed step-by-step documentation.
[1] How do I setup SSH keys? - Minnesota Supercomputing Institute
[2] SSH & Git - 1Password docs