SSH Keys and Git via CLI - Advanced Optional Extra
As an optional extra task I’d like to introduce working with SSH keys. You don’t need to complete this task, but if you want more experience/knowledge then completing this task will be beneficial. If you don’t perform this task, reading this chapter alone will provide knowledge so it is worth a read at minimum.
Secure Shell (or commonly referred to as SSH) is a method of establishing connections and is a network protocol, similar to HTTP and HTTPS protocols. Even when we connect to database servers as we have done today, a network protocol is in place here too. Each network protocol have their own dedicated port numbers by default, however you can overwrite them if necessary for your setup. In most cases the ports should remain as the defaults. Some examples here include:
- HTTP: Port 80
- HTTPS: Port 443
- SSH: Port 22
- Database (MySQL): Port 3306
We will briefly cover more of working with SSH when we move onto deploying AWS web servers. We can perform SSH tunnels (or i.e. connections) using the terminal/command line (via Git Bash on Windows).
Now, if you’re using GitHub Desktop for making your commits to a git repository and you’re comfortable with using this, you may proceed to continue using the app. However if you’d like to advance a little further, we can perform all git related tasks using the command line. Personally in most cases I prefer to use the CLI to make commits, however apps such as GitHub Desktop (for GitHub) and Sourcetree (for BitBucket) are still helpful when we want to make commits in stages (i.e. we don’t want to commit an entire file, but only the partial file; GitHub Desktop/Sourcetree provide this functionality).
1. Installing ‘git cli’
To make use of git on the CLI you first need to ensure your machine has git cli
setup. If you’re using Git Bash I believe this is already present, and if you’re on macOS you can install this as a part of Xcode Tools. On any other unix OS (including macOS if you don’t want to use Xcode), you can use Homebrew to install git cli. (Homebrew is another great CLI utility for unix OS’ which we won’t be covering unfortunately as it won’t be necessary for our development environments, but for certain projects it can be and worth a read if you ever need to use it.)
2. Authenticating our GitHub Account
Once we have ‘git cli’ setup, we now need to authenticate our GitHub account with our machine. When we clone repo’s using the HTTP/S method we don’t need to authenticate our machine, as we are required to enter our username/password combination each time we make a commit. This can be cumbersome if we’re developing on the project frequently. In addition the HTTP/S method won’t work if we have 2FA enabled on our GitHub account either.
The better solution is to avoid using the HTTP/S method all together which requires us to manually authenticate ourselves with credentials on each push/pull. The alternative method is to use the SSH method, which creates a secure private tunnel to GitHub to perform git actions. No credentials will be necessary as our machines will automatically authenticate itself using SSH keys.
2.1. Using SSH Keys
To use SSH keys we must first generate a pair (private and public key) on our machines. The private will remain on our machine and we do not share this. Our public key however, we take the contents of the key and add it into our GitHub account via settings. Once we add the public key to our GitHub account, our machine will be able to perform actions using our GitHub account without the need to be authenticated.
We can add multiple SSH keys to our GitHub account, which is useful if we have multiple devices or more importantly, if we want git access from our servers when we perform deployments. If you no longer have access to a device or server, then you’ll want to prevent access to your account from that specific device. We can easily do this by logging into our GitHub account and then deleting the specific key from our account, remotely disabling access.
(Alternatively to authorising a server to access you’re account, you can authorise a server to only have access to an individual repo. This way we don’t provide the device/server full access to our own personal GitHub account, but to a repo for deployment only.)
2.1.1. Setting up SSH Keys
To setup SSH keys, GitHub provides a useful guide (documenting how to generate keys on macOS, Windows and Unix). You can find the article here, “Generating a new SSH key and adding it to the ssh-agent” on GitHub.
3. Git CLI Commands
I’ve put together some basic git commands which are frequently used:
Command | Description |
---|---|
Example: |
When you visit a GitHub repo, there’s a green button at the top named “Code.” Clicking this will present a pop-out with options to clone using HTTPS, SSH or Github Desktop. When selecting SSH, copy the value provided then run this code replacing This will clone the repo to your machine locally in the current directory you’re in. |
|
Add a file to the current commit. The <file> should be replaced with the path to the file, or alternatively providing a full stop (i.e. a dot) will commit everything whilst honouring your .gitignore file. |
|
Once you’ve added your files, you should then make a commit with an appropriate message. |
|
Finally once you’ve made the commit, you should push your changes. |
|
Pull any changes from the remote repository. You may need to do this often if you have other developers working on the repository too, so we’re all up to date with the latest code. |
|
This will allow you to create a new branch to the one specified in the <branch_name> parameter. |
|
This will switch branches to the one specified. |
|
This will create a new branch and also switch to it. |
There are still many more git commands available over the CLI, however we've included some basic ones to get you started if you do prefer to use git via the CLI.