| title | intro | redirect_from | versions | topics | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
About SSH |
Using the SSH protocol, you can connect and authenticate to remote servers and services. With SSH keys, you can connect to {% data variables.product.github %} without supplying your username and {% data variables.product.pat_generic %} at each visit. You can also use an SSH key to sign commits. |
|
|
|
{% data reusables.ssh.about-ssh %} For more information about SSH, see Secure Shell on Wikipedia.
When you set up SSH, you will need to generate a new private SSH key and add it to the SSH agent. You must also add the public SSH key to your account on {% data variables.product.github %} before you use the key to authenticate or sign commits. For more information, see AUTOTITLE, AUTOTITLE and AUTOTITLE.
You can further secure your SSH key by using a hardware security key, which requires the physical hardware security key to be attached to your computer when the key pair is used to authenticate with SSH. You can also secure your SSH key by adding your key to the ssh-agent and using a passphrase. For more information, see AUTOTITLE.
{% ifversion fpt or ghec %}To use your SSH key with a repository owned by an organization that uses SAML single sign-on, you must authorize the key. For more information, see AUTOTITLE{% ifversion fpt %} in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}.{% endif %}{% endif %}
To maintain account security, you can regularly review your SSH keys list and revoke any keys that are invalid or have been compromised. For more information, see AUTOTITLE.
{% ifversion fpt or ghec %} If you haven't used your SSH key for a year, then {% data variables.product.prodname_dotcom %} will automatically delete your inactive SSH key as a security precaution. For more information, see AUTOTITLE. {% endif %}
{% ifversion fpt %} Organizations that use {% data variables.product.prodname_ghe_cloud %} can provide SSH certificates, which members can use to access that organization's repositories without adding the certificate to their account on {% data variables.product.github %}. If you're using an SSH certificate, you cannot use the certificate to access forks of the organization's repositories, if the fork is owned by your personal account. For more information, see AUTOTITLE in the {% data variables.product.prodname_ghe_cloud %} documentation.
{% else ghec or ghes %} Organizations that use {% data variables.product.prodname_ghe_cloud %} can provide SSH certificates, which members can use to access that organization's repositories without adding the certificate to their account on {% data variables.product.prodname_dotcom %}.
{% ifversion ghec %}{% data reusables.emus.ssh-ca-support-for-emu %}{% endif %} {% endif %}