If your SSH keys have trust issues and your Git pushes require more begging than they should you have come to the right place. This guide walks through creating modern ed25519 keys loading them into an ssh agent and wiring them up to Git providers like GitHub and GitLab. It also covers managing multiple identities and a quick note about hardware tokens like YubiKey
Use ed25519 for smaller keys and strong security without drama. A passphrase protects your private key from being trivially reused if someone finds the file. The ssh agent holds your decrypted key in memory so Git commands do not ask for your passphrase on every push or fetch. It is not magic but it is close enough
Run the keygen command and give the key a comment that makes sense later when you have three laptops and one ancient CI box
ssh-keygen -t ed25519 -C "your@email.com"
Accept the default file path unless you want multiple keys. Choose a passphrase you can remember or store it in a password manager. Yes this is extra work but it is good work
Start the agent and add your key so the agent can answer for you during Git operations
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519
Now Git will ask the agent for credentials and not for your soul
Copy the public key and paste it into the SSH keys section of each account you use. On GitHub look for SSH keys in account settings and on GitLab look for a similar SSH keys area
cat ~/.ssh/id_ed25519.pub
# then copy the output and paste into provider settings
If you have separate keys for work personal and CI use an ssh config file to map hosts to identity files. This prevents the wrong key from being offered and reduces awkward access denials
~/.ssh/config
Host github.com
HostName github.com
User git
IdentityFile ~/.ssh/id_ed25519
Host gitlab.com
HostName gitlab.com
User git
IdentityFile ~/.ssh/id_ed25519_work
With this in place SSH will pick the right key automatically and your push workflow will stop being rude
If you ssh to a bastion and then to a git server enable agent forwarding only when you trust the middle box. That avoids copying private keys to remote hosts and keeps your keys where they belong on your machine
If you want to be extra secure use a hardware backed key like a YubiKey. It stores the private key in hardware so it never leaves the device. The flow is similar but the tooling may ask for a PIN when you touch the token. This is great for security and slightly less convenient for forgetful people
This tutorial covered creating an ed25519 key pair protecting the private key with a passphrase loading the key into ssh agent adding the public key to Git providers and using ssh config to manage multiple hosts. Follow these steps and your Git workflows will be faster less annoying and just small enough to feel smug about
I know how you can get Azure Certified, Google Cloud Certified and AWS Certified. It's a cool certification exam simulator site called certificationexams.pro. Check it out, and tell them Cameron sent ya!
This is a dedicated watch page for a single video.