Multiple SSH Keys for Sourcetree
Multiple SSH Keys for Git on Windows
We use Git and Sourcetree, primarily on the Windows operating system and love it 99% of the time. Sometimes we work from our personal computers and being developers, we have our own projects outside of work that are associated with different credentials. To avoid SSH key issues we just use simple HTTPS to clone our repos down instead of hassling with multiple SSH keys.
This week we have officially adopted two-factor authentication for our revision control so guess what?!
As the documentation clearly states, this breaks HTTPS login for Git!
All things considered this is a small issue but getting multi-key SSH configured was surprisingly difficult. What I found most interesting was that every document explaining how to do this omitted one or two critical details. I have recorded the steps I took to guarantee a sure-fire process to achieve functional Windows Sourcetree with Git working on multiple SSH keys.
Obviously this is Windows and Git specific. We'll be implementing the scenario where you have 1 work and 1 personal Github/Bitbucket/Gitlab account
- Configure Sourcetree to use OpenSSH. We don't use HG so no issues for us!
- Existing Keys: If you previously used Putty, load your ppk into PuttyGen and convert it to Open SSH format using the conversion option. Append .rsa to the file name so you can differentiate from your ppk format private key.
- Fresh Start: If you want to start from scratch, generate two new keys in PuttyGen. 1 for work and 1 for home. Save the private and public keys for later use.
- Check that both of your personal and work account have the correct public keys added for access.
- Create a .bashrc file at %userprofile%\.bashrc and save the following:
- <a id="step4"" name="step4"></a>Create a %userprofile%\.ssh\config
See the SSH Docs for more information about these options
- Close Sourcetree
- Close all open terminals/shells/cmd prompts
- Relaunch Sourcetree
- Launch Terminal via Sourcetree</p>
and verify that you see similar output:
- If you do not see that output, your .bashrc file is incorrect or in the wrong directory. Redo Step 3. If that still doesn't work, start over because you probably have the wrong format keys.
- Running ssh-add -l should list the thumbprints for your two SSH keys.</p>
- You are now ready to clone/pull/push some code!
- Repos belonging to the non-default account will need to have their git origins modified by replacing the hostname portion of the url with the alias id from your .ssh\config file.</p>
In my case I would replace my origin firstname.lastname@example.org:myname/repo.git with git@work:myname/repo.git.
- Once you have updated your git origin for the secondary account to use the config file's alias from step 4, you should be able to push/pul without issue.
From here, depending on what order you loaded your keys either your home or work will be treated as default. For me, my home registers as default because either key name or thumbprint is alphabetically first. No matter though; we can fix this!</li></p>
- If you do have an issue, use Sourcetree menu Tools -> Add SSH Key... dialog to try re-adding the key.
- If that doesn't work, close Sourcetree, any open console, and try again!
- If that doesn't work then you probably missed a step or detail. Try again!
One final tip before you go. Be sure to clear out any saved username/passwords from the Sourcetree authentication tab that are related to your work/home accounts. If you don't remove these, Sourcetree will keep alerting you to that fact the HTTPS login cannot be performed via OpenSSH. Not a big deal but the modal dialogue gets lost and is super annoying to find.
Good luck and happy coding!
Feel free to comment on the post but keep it clean and on topic.blog comments powered by Disqus