How to manage multiple ssh keys in the ~/.ssh directory

Question

I'm sure we all get this error from time to time:

$ git push origin master
Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

The typical remedy is to simply create a public/private key pair and share it with your git host (in my case bitbucket, with their instructions)

The thing is though, I have many accounts that require that I have a public/private key pair (for example i need to save a key to connect to AWS.. etc).. so what I do is that i create these keys and save them in separate directories ie

~/.ssh $ find .
./awskeys
./awskeys/id_rsa
./awskeys/id_rsa.pub
./bitbucket
./bitbucket/id_rsa
./bitbucket/id_rsa.pub

but then this error pops up every now and then.. to solve it I have to move the relevant keys back to the root ~/.ssh. this doesn't seem right to me. How can I reliably do this?

Answer 1

You can have them anywhere you want, but their permission and the permission of the parent folders need to be strict:

• no writable access for the parent folder (for others and all)
• 644 for a public key
• 600 for a private key.

You then:

• declare those different keys in ~/.ssh/config (example here)
• change the remote url in order to use the appropriate entry of the ~/.ssh/config file which described the right ssh key to use.

That means an entry like:

Host mygithub
    User           git
    IdentityFile   ~/.ssh/mypath/mykey # wherever your "new" key lives
    IdentitiesOnly yes

Allows you to replace an url like [email protected]:username/repo with:

git remote set-url origin mygithub:username/repo