When it comes to deploying like myself, everyone wants to clone with SSH instead of HTTPS. I found it good practice for deploying my code in a production or development server as you can not only easily make them read-only, but you don’t have to type the username and password. These are just a few of the many benefits of using deploy keys as GitHub has removed authentication using password option when using git repositories via HTTPS.

Deploying with SSH

Deploying a project using ssh is pretty simple. Following are the steps to deploy a git repository using SSH.

  1. SSH to your server and type ssh-keygen
  2. Continue pressing enter to all option if you want to use the default id_rsa file and don’t want to use any passphrase
  3. On your home directory, execute command cat .ssh/id_rsa.pub
  4. Copy the public key
  5. Go to
    GitHub repository -> Settings -> Deploy Keys → Add deploy key
  6. Enter title whatever you want to call it, i.e., prod server and paste your public key in Key field
  7. Add the key and clone the repository on the server using the SSH URL.

Deploying Multiple Git Repositories Using SSH on the Same Server

Added a single git repository using SSH is easy and straight forward. However, deploying multiple repositories on one server is a bit tricky as when you will use the same deploy key for the second repository, you will get the following error message:

“Key is already in use.”

It means that you have to create separate SSH keys for each repository, which you can do by running ssh-keygen multiple times and with a new pair of RSA public/private keys.

I have created two keys for a demonstration in my ~/.ssh/ directory. It looked as follow:

Like the above method, you can create as many keys as you want. Now for each project, copy the public key of each generated deploy key by following previously mentioned step 3 to step 7 and add the public key in the respective repository.

Adding the public keys in repositories doesn’t resolve our problem as by default when you clone or use any git command using SSH, SSH will always use id_rsa key in ~/.ssh. So our next step is to tell SSH which key to use for which project.

Using GIT_SSH_COMMAND

The first solution for getting this done is to use GIT_SSH_COMMAND as following:

GIT_SSH_COMMAND="ssh -i ~/.ssh/key-one" git pull

It would work, and you can easily pull and push using the above command by just changing the key for each project. But you would not be able to run git commands as standard, which makes this solution not so much elegant.

Using SSH config File

Now to overcome the above problem, you can create an SSH config file within SSH. You can create the config file as follow:

  1. Create config file
    touch ~/.ssh/config
  2. Edit ssh config file
    nano ~/.ssh/config
  3. Paste the following config
    Host repo-one
      Hostname github.com
      User git
      IdentityFile ~/.ssh/key_1
    Host repo-two
      Hostname github.com
      User git
      IdentityFile ~/.ssh/key_2
    
  4. After that, you would have to change remote URLs used for repositories as follow:
[email protected]:Username/repo-one.git

TO

repo-one:username/repo-one.git
Note: Make sure that repo-one is mapped to the SSH config file in the host section.

That’s it! Now you can run git commands normally for all repositories.

Tip for Git Submodules Users:

If you are using git submodules, you would have to update your .gitmodules file as follow:


[submodule "repo-one"]
	path = repo-one
	url = [email protected]:username/repo-one.git
[submodule "repo-two"]
	path = repo-two
	url = [email protected]:username/repo-two.git

TO


[submodule "repo-one"]
	path = repo-one
	url = repo-one:username/repo-one.git
[submodule "repo-two"]
	path = repo-two
	url = repo-two:username/repo-two.git

Enjoy! Let me know if I’ve missed out on anything.