"Deploy keys" in GitHub allow your server to connect directly to your GitHub repository. When your server is connected, you can push builds directly from your repository to your server, which can cut down on your work. If your server needs access to multiple repositories, you can create a machine user to manage the access.
Generating a Key
Open the terminal program on your computer.
The terminal program on your computer allows you to remotely access your server. If you’re using a Linux or Mac computer, you’ll be using the built-in Terminal program. If you’re using Windows, you’ll need to install a program like Cygwin or GitBash.
- Linux – Press or search for “terminal.”
- Mac – You can find the Terminal program in the Utilities folder.
- Windows – You can download Cygwin from cygwin.com, or GitBash from git-scm.com/downloads.
Log into your server using your terminal program.
You’ll be generating the deploy key on your server so that it can access your GitHub repository. To do this, you’ll need to log into your server, either remotely through your terminal or locally on the server.
- In your terminal program, type ssh username@hostname to log in. Enter your password if prompted.
Enter the command to generate the SSH key.
The following command will create a new key with your GitHub email address as the label:
- ssh-keygen -t rsa -b 4096 -C “email@example.com”
- An SSH key is a encrypted key pair that authenticates your identity. In this case, you’ll be assigning the key to your GitHub repository, allowing it to identify your server.
↵ Enter/⏎ Return This will save the key to the default location, which is the .ssh directory in your User directory.
Create a passphrase.
This adds an additional layer of security to your key, as unknown users will need to enter the passphrase before the key will work.
- You’ll be prompted to confirm the passphrase when creating it.
Copy the SSH key contents to your clipboard.
Once the key has been created, you’ll need to add it to your repository. To do so, you’ll need to copy the contents of the key. The following command will copy the contents of the key to your clipboard:
- Linux – xclip -sel clip < ~/.ssh/id_rsa.pub. You may need to run sudo apt-get install xclip first.
- Windows – clip < ~/.ssh/id_rsa.pub
- Mac – pbcopy < ~/.ssh/id_rsa.pub
Adding the Key to a Repository
Log into the GitHub website.
Make sure you log in with an account that can access the repository.
Click your profile image in the upper-right corner and select “Your profile.”
This will open your GitHub profile page.
Click the “Repositories” tab.
This will display all of your repositories.
Select the repository you want to add the key to.
This will grant your server access to the repository to automatically deploy builds.
Click the “Settings” tab at the top of the screen.
This will open your repository settings.
Click the “Deploy keys” button in the left menu.
This will display the deploy keys that are currently assigned to the repository.
Click the “Add deploy key” button.
A text field for the key will appear.
Paste the copied deploy key into the field.
Click the field and press ⌘ Command/Ctrl+V to paste the copied deploy key into the field.
- If you want the server to have write access to the repository, check the “Allow write access” box.
Click “Add key” to add your deploy key.
This will allow your server to access the repository and deploy builds from it.
Creating a Machine User
Create a dedicated GitHub account for the machine user.
A “machine user” is an automated user that can access multiple repositories. This is useful if your server needs access to multiple repositories, since deploy keys only grant access to a single repository.
- You can create a new user by clicking the “Sign up” button on the GitHub homepage and following the prompts.
Generate an SSH key on your server.
Follow the steps in the first section to generate a key on your server and copy it to your clipboard.
Sign into the GitHub website with the new machine user account.
You’ll be assigning the newly-created key to this user.
Click the machine user’s profile picture and select “Settings.”
This will open the account settings for the machine user.
Click the “SSH and GPG keys” option in the left menu.
This will display the keys currently assigned to the user.
Click the “New SSH key” button.
This will allow you to enter the SSH key.
Paste the key and click “Add SSH key.”
This will add the SSH key to the machine user’s profile, allowing it to access your server.
Open the first repository you want to give the machine user access to.
You can find your repositories in the “Repositories” tab on your Profile page.
Click the “Settings” tab on the repository page.
This will display the repository settings.
Click the “Collaborators” option in the left menu.
This will allow you to add collaborators to the repository. By adding your machine user as a collaborator, it will be able to push builds from your repository to your server.
Enter the machine user’s name and click “Add collaborator.”
The machine user will be given read/write access to the repository.