Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> and it was a hassle to get local repositories to use the correct keypair

I agree. The way that I deal with this is as follows:

In my ~/.ssh/config I have content that looks like:

    Host gh-company-a
            User git
            HostName github.com
            IdentityFile ~/.ssh/id_ed25519_company_a

    Host gh-acme-inc
            User git
            HostName github.com
            IdentityFile ~/.ssh/id_ed25519_acme_inc

    Host gh-sponges-corp
            User git
            HostName github.com
            IdentityFile ~/.ssh/id_ed25519_sponges_corp
And then instead of

    git clone git@github.com:companya/foo.git
I'd type

    git clone gh-company-a:companya/foo.git
Likewise, instead of

    git clone git@github.com:acmeinc/baz.git
I do

    git clone gh-acme-com:acmeinc/baz.git
and so on.

With this way of doing it, the correct key pair gets used both for the initial clone and for subsequent pulls and pushes.

I suppose I could make a wrapper program that would take care of the substitution for me, to further reduce the amount of hassle. In fact I might end up doing that. I already have a few wrapper programs for various git commands.



I guess you also need

   IdentitiesOnly yes
in there.

Otherwise all your public keys will be tried regardless.


Another way is to set $GIT_SSH_COMMAND when cloning:

  GIT_SSH_COMMAND="ssh -i ~/.ssh/id_ed25519_company_a -o IdentitiesOnly=yes" git clone ...
and then set it in your checkout's .git/config for subsequent fetches & pushes:

  git config core.sshCommand "ssh -i ~/.ssh/id_ed25519_company_a -o IdentitiesOnly=yes"




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: