To work with a private GitHub repository you need an SSH key to authenticate yourself to GitHub. You can learn how to set this up in this article.
For any operations with your private repository (cloning, pushing, pullen, …) you need an authentication method between your local computer and the GitHub repository – and this is where SSH key pairs (SSH keypairs or SSH keys) come in handy.
The “problem”: GitHub adjusts authentication
In the past, to clone a private GitHub repository, you could mount the repository over HTTPS and then be prompted to authenticate with GitHub username and password. This is no longer possible for security reasons. If you try it anyway, you get the following error message on the console:
remote: Support for password authentication was removed on August 13, 2021. Please use a personal access token instead.
remote: Please see https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ for more information.
fatal: Authentication failed for ‘https://github.com/…’
The solution is simple: create an SSH key for your GitHub repository. The one-time setup is done in just 3 steps.
Step 1: Create SSH key (key pair)
Under Windows you need the program PuTTY Key Generator (PuTTYgen). If you already have PuTTY installed on your computer, it is likely that it is already installed with it.
Open the program and click on “Generate”. After that you have to move the mouse over the white area to create a random key pair. You can leave the rest of the settings unchanged.
Once the process is complete, click on “Conversions” > “Export OpenSSH key” in the top menu and save the file to C:\Users\YOUR_USER\.ssh. The name should be id_rsa.
Attention: You should not lose this key (private key) and never give it to others!
Create SSH key pair under Linux
If you are a Windows user, you can jump directly to step 2.
On Linux, you can create the SSH key directly from the terminal. To do this, execute the following command:
ssh-keygen -t rsa -b 4096 -C "firstname.lastname@example.org"
email@example.com should be your GitHub email address. The private and public key are then stored under ~/.ssh/.
More details about the creation under Linux can be found here: https://www.heise.de/tipps-tricks/SSH-Key-fuer-GitHub-Repositories-einrichten-4627459.html
Step 2: Adjust private key rights
The file with the private key (id_rsa) must have certain rights, otherwise it will be ignored for security reasons.
Permissions for '/Users/YOUR_USER/.ssh/id_rsa' are too open.It is required that your private key files are NOT accessible by others.This private key will be ignored.
So, if you encounter this error message, you should perform the following steps.
- Navigate in Windows Explorer to your private key: C:\Users\YOUR_USER.ssh\id_rsa
- Right click > Properties > Security
- Select “Advanced” at the very bottom
- At the top you can change the owner of the file to your user (admin rights required)
- Then remove all entries from the list of permissions and add Full Access for your user
At the end of the procedure, the view should look something like this:
Step 3: Deposit public key in GitHub
In the last step we add the public key to our GitHub account. To do this, copy the complete content from the blue highlighted text box – this is the public key to your private key in the id_rsa file.
Log in to GitHub now and navigate to the settings.
In the left menu you will find the item “SSH and GPG keys”.
Click there on “New SSH key”.
Choose a suitable title here, e.g. the current date, and insert the public key from PuTTYgen (blue highlighted area). When saving, you will be asked for your GitHub password again and you will also receive an email notification for security.
If you want to learn more about the technical background and functionality of SSH keys, check out this post.
Test SSH Key
That’s it! Now you can take a private repository, click on “Code”, select “SSH” and clone the repository via
git clone REPO_SSH_URL.
I hope the instructions were easy to understand. If you have any questions, feel free to comment below.
What did you think of this post?