This post is part of a series on Git Fundamentals:
- git stores history as a graph
- how to: configure unique SSH keys per client
Git is everywhere these days, in use by a tremendous amount of people and organizations.
Sometimes when committing code you want to use a different identity for one set of repositories from another set of repositories. Think a consultant working for multiple clients or contributing to both client work and personal open-source work.
I have found the following pattern useful:
- Configure Your Default Identity
- Configure Client-Specific Git Settings
- Create an Additional Github Account
- Create a Client-Specific SSH Key Pair
- Configure SSH to Respect Your Client-Specific KeyPair
- Clone a Client-Specific Repo
Configure Your Default Identity
Put your default
user.email in your
[user] email = email@example.com name = David Alpert [includeIf "gitdir:~/projects/client1/"] path = ~/projects/client1/.gitconfig
This configures git such that:
- my primary identity is personal
- for any subfolder under
.gitconfigspecific to that client is imported
$HOME/projects/ as the root of my development work.
There is nothing special here about where you put your source code.
Make sure that your configuration matches how you have laid out source code on your machine.
Configure Client-Specific Git Settings
~/projects/client1/.gitconfig you can override
[user] name = "David Alpert" email = "firstname.lastname@example.org" [url "client1.github.com:client1/"] insteadOf = email@example.com:client1/
This will override
user.email when making commits under this
[url] part also tells git to use a fake local DNS name when the remote url matchs
firstname.lastname@example.org:client1/. This will be true for any repo owned by the
client1 organization on github.
Create an Additional Github Account
Create a new github account using this client-specific email address as your identity.
Create a Client-Specific SSH Key Pair
- Follow github's instructions to create a new SSH Key pair.
- Give the SSH Key pair a unique name on your local system; I tend to append a suffix like
- Add your client-specific public key to your new client-specific github account.
Configure SSH to Respect Your Client-Specific KeyPair
Add a new client-specific host entry in
Host github.com Hostname github.com User git AddKeysToAgent yes UseKeychain yes IdentityFile ~/.ssh/id_ed25519 Host client1.github.com Hostname github.com User git AddKeysToAgent yes UseKeychain yes IdentityFile ~/.ssh/id_ed25519_client1
UseKeychain keyword is relevant only on MacOS; if you are on linux or windows remove that setting.
ssh to match the fake local hostname that you configured as an alias in
~/projects/client and map that back to
github.com but use the client-specific
Clone a Client-Specific Repo
Now when I change directory into that client-specific folder
~/projects/client1/ and clone a repo from the client-specific organization:
git clone https://github.com/client1/some-repo
- use an alias of
sshwill map that alias back to
github.comwhile using your client-specific SSH keys;
- clone that repo into
- use your client-specific
user.emailfor each commit inside that repo.