git, GitHub and multiple accounts/profiles _ _ __ _ (_) | |_ / _` | | | | _| _ \__, | |_| \__| ( ) |___/ |/ ___ _ _ _ _ _ / __| (_) | |_ | || | _ _ | |__ | (_ | | | | _| | __ | | || | | '_ \ \___| |_| \__| |_||_| \_,_| |_.__/ _ __ _ _ _ __| | / _` | | ' \ / _` | \__,_| |_||_| \__,_| _ _ _ _ _ __ _ _ | | | |_ (_) _ __ | | ___ | ' \ | || | | | | _| | | | '_ \ | | / -_) |_|_|_| \_,_| |_| \__| |_| | .__/ |_| \___| |_| _ __ __ _ _ __ _ __ __ ___ _ _ _ _ | |_ ___ / / _ __ _ _ ___ / _| (_) | | ___ ___ / _` | / _| / _| / _ \ | || | | ' \ | _| (_-< / / | '_ \ | '_| / _ \ | _| | | | | / -_) (_-< \__,_| \__| \__| \___/ \_,_| |_||_| \__| /__/ /_/ | .__/ |_| \___/ |_| |_| |_| \___| /__/ |_| ╔─*──*──*──*──*──*──*──*──*──*──*──*──*──*──*──*─╗ ║1 ........................................ 1║ ║2* ........................................ *2║ ║3 ........................................ 3║ ║1 ...........Posted: 2024-11-28........... 1║ ║2* .Tags: development linux git security .. *2║ ║3 ........................................ 3║ ║1 ........................................ 1║ ╚────────────────────────────────────────────────╝ If you use more than one GitHub account you may want a nice set up to make it easy to assign a specific user to a specific repo with ease. Here are some instructions for that, plus signing commits with GPG key. ## SSH Key Create the key, be sure to use a name like `id_ed25519_username`, it's also recommended to set a passphrase for added security: ``` ssh-keygen -t ed25519 -C "you@example.org" ``` Add the key to your SSH agent: ``` eval "$(ssh-agent -s)" ssh-add ~/.ssh/id_ed25519_username ``` ### GitHub, Repo Add the key to your GitHub account: ``` cat ~/.ssh/id_ed25519_username.pub ``` Copy the output to whatever the "new ssh key" dialog is in your GitHub profile. Configure SSH for specific GitHub repos (you'll need to change the repos use this) in `~/.ssh/config`: ``` Host github.com-username HostName github.com User git IdentityFile ~/.ssh/id_ed25519_username ``` You can update the remote URL for a repo like this: ``` git remote set-url origin git@github.com-username:ghusername/repo.git ``` ### GPG Key Generate the GPG key: ``` gpg --full-generate-key ``` Choose RSA with at least 4096 bits. Set expiration date (or leave it as 0 for no expiration). Enter name and email when prompted. Before we go further, you may want to backup your public and private keys. First get the ID for your key. ``` gpg --list-secret-keys --keyid-format=long ``` Then you can do something like this: ``` gpg --armor --export somekeyhere > username_public_key.asc gpg --armor --export-secret-keys somekeyhere > username_private_key.asc ``` Moving on, add the GPG key to GitHub (should be similar in the GitHub interface to adding a new SSH key): ``` gpg --armor --export somekeyhere ``` For these remaining configurations, I think there's a better way to do this, but configure `git` to use the GPG key for a specific repo: ``` git config user.signingkey somekeyhere git config commit.gpgsign true ``` Also, config `git` to use a specific username and email for this repo: ``` git config user.name "full name" git config user.email "you@example.org" ``` You can make signed commits like this: ``` git commit -S -m "Test signed commit" ``` ## Git configuration per domain This is a more maintainable approach to have defaults set per domain we have (matching our `~/.ssh/config` domains, used in repos): Create a `~/.gitconfig-username`: ``` [user] name = Full Name email = user@example.org signingkey = somekeyhere [commit] gpgsign = true ``` Update global git configuration (`~/.gitconfig`): ``` [includeIf "hasconfig:remote.*.url:git@github.com-username:*/**"] path = ~/.gitconfig-username ``` Check the applied settings in a repo that uses the domain `github.com-username`: ``` git config --get user.name git config --get user.email git config --get user.signingkey git config --get commit.gpgsign ```