jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-02-01 03:01:50 -05:00
Code Issues Projects Releases Wiki Activity

[Ready to ship: May 10] SSH Security Key Support (GA) (#18557)

Browse Source 
* add procedure for generating SSH for physical key

* Mention hardware security keys in "About SSH"

* Create troubleshooting article

* Add procedure for SHH key generation for sk

* fix broken link

* Incorporate reviewer feedback

* update versioning

* Clarify unknown error troubleshoot procedure

* Add troubleshooting to procedure

* Clean up inline links

* Update more inline links

* Update troubleshooting procedure

* fix broken link with versioning

* Add warning about installing OpenSSH

* Update note about algorithm for legacy key types

* Add last step for security keys

* Fix variable name

* Add reviewer feedback

* Include other error text

Co-authored-by: Kevin Jones <vcsjones@github.com>

* Include ref to OpenSSH release notes

* fix failing test

Co-authored-by: Kevin Jones <vcsjones@github.com>
Co-authored-by: Melanie Yarbrough <11952755+myarb@users.noreply.github.com>
This commit is contained in:
Ethan Palm
2021-05-10 13:07:59 -04:00
committed by GitHub
parent 2844dad5f2
commit 91ce63dcc6
4 changed files with 110 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
content/github/authenticating-to-github/about-ssh.md
View File

@@ -11,11 +11,13 @@ topics:
- SSH
---
When you set up SSH, you'll [generate an SSH key and add it to the ssh-agent](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent) and then [add the key to your {% data variables.product.product_name %} account](/articles/adding-a-new-ssh-key-to-your-github-account). Adding the SSH key to the ssh-agent ensures that your SSH key has an extra layer of security through the use of a passphrase. For more information, see "[Working with SSH key passphrases](/articles/working-with-ssh-key-passphrases)."
When you set up SSH, you will need to generate a new SSH key and add it to the ssh-agent. You must add the SSH key to your account on {% data variables.product.product_name %} before you use the key to authenticate. For more information, see "[Generating a new SSH key and adding it to the ssh-agent](/github/authenticating-to-github/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)" and "[Adding a new SSH key to your {% data variables.product.prodname_dotcom %} account](/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account)."
{% if currentVersion == "free-pro-team@latest" %}To use your SSH key with a repository owned by an organization that uses SAML single sign-on, you'll need to authorize it first. For more information, see "[Authorizing an SSH key for use with SAML single sign-on](/articles/authorizing-an-ssh-key-for-use-with-saml-single-sign-on)."{% endif %}
You can further secure your SSH key by using a hardware security key, which requires the physical hardware security key to be attached to your computer when the key pair is used to authenticate with SSH. You can also secure your SSH key by adding your key to the ssh-agent and using a passphrase. For more information, see "[Working with SSH key passphrases](/github/authenticating-to-github/working-with-ssh-key-passphrases)."
We recommend that you regularly [review your SSH keys list](/articles/reviewing-your-ssh-keys) and revoke any that are invalid or have been compromised.
{% if currentVersion == "free-pro-team@latest" %}To use your SSH key with a repository owned by an organization that uses SAML single sign-on, you must authorize the key. For more information, see "[Authorizing an SSH key for use with SAML single sign-on](/articles/authorizing-an-ssh-key-for-use-with-saml-single-sign-on)."{% endif %}
To maintain account security, you can regularly review your SSH keys list and revoke any keys that are invalid or have been compromised. For more information, see "[Reviewing your SSH keys](/github/authenticating-to-github/reviewing-your-ssh-keys)."
{% if currentVersion == "free-pro-team@latest" %}
If you haven't used your SSH key for a year, then {% data variables.product.prodname_dotcom %} will automatically delete your inactive SSH key as a security precaution. For more information, see "[Deleted or missing SSH keys](/articles/deleted-or-missing-ssh-keys)."
@@ -27,8 +29,4 @@ If you're a member of an organization that provides SSH certificates, you can us
- "[Checking for existing SSH keys](/articles/checking-for-existing-ssh-keys)"
- "[Testing your SSH connection](/articles/testing-your-ssh-connection)"
- "[Working with SSH key passphrases](/articles/working-with-ssh-key-passphrases)"
- "[Troubleshooting SSH](/articles/troubleshooting-ssh)"
{%- if currentVersion == "free-pro-team@latest" %}
- "[Authorizing an SSH key for use with SAML single sign-on](/articles/authorizing-an-ssh-key-for-use-with-saml-single-sign-on)"
{%- endif %}