16:00:44 2/11/2024
A Complete Guide to Generating and Using SSH Keys for Secure Connections with GitHub, GitLab, and Bitbucket
In this post, we’ll walk through how to create an SSH key, understand its role in security, and use it for safe connections to services like GitHub, GitLab, and Bitbucket. SSH keys enable secure authentication without requiring you to enter a password each time.
What is an SSH Key?
An SSH key is a pair of security keys that includes:
Public key: This is safe to share publicly and poses no security risk.
Private key: This must be kept secure and should never be shared.
When you upload your public key to services like GitHub, GitLab, or Bitbucket, the system can authenticate you without needing a password.
Steps to Generate an SSH Key
Open Terminal or Command Prompt
On your computer, open a Terminal (Linux/Mac) or Command Prompt (Windows) and enter the following command to generate an SSH key:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
Explanation of options:
-t rsa: Specifies the RSA algorithm.
-b 4096: Sets the key length to 4096 bits, which enhances security.
-C "your_email@example.com": Adds a label for identification, usually your email.
Save the SSH Key Location
The system will then prompt you to save the SSH key:
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Options:
Press Enter to save to the default directory (~/.ssh/id_rsa).
Or enter a custom path if you prefer.
Create a Passphrase (Optional)
Next, you’ll be prompted to set a passphrase to protect your private key:
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
A passphrase adds an extra layer of protection to your private key in case someone gains access to your computer.
If you press Enter without entering a passphrase, your private key will have no additional protection. This speeds up authentication but is slightly less secure.
If you set a passphrase, you’ll need to enter it every time you use the SSH key, but it’s safer.
Finish Generating the SSH Key
Once done, the system will save the SSH key pair (private and public keys) to the chosen location:
Private key: ~/.ssh/id_rsa
Public key: ~/.ssh/id_rsa.pub
Using Your SSH Key with GitHub, GitLab, or Bitbucket
After creating the SSH key, you need to add your public key (id_rsa.pub) to your GitHub, GitLab, or Bitbucket account.
Retrieve the Public Key
Use the following command to view the contents of the public key:
cat ~/.ssh/id_rsa.pub
Copy the entire public key from the output, which should look like this:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA... user@example.com
Add the SSH Key to Your Account
GitHub: Go to GitHub SSH Settings, click New SSH key, paste the public key, and save.
GitLab: Go to GitLab SSH Settings, or click your profile icon → Edit profile → SSH Keys, click New SSH key, paste the public key, and save.
Bitbucket: Go to Bitbucket SSH Settings, click Add key, paste the public key, and save.
Test the Connection
To verify that your SSH key is working, use the following command:
ssh -T git@github.com
If it’s successful, you should see a welcome message from GitHub (or GitLab/Bitbucket). If you set a passphrase, you’ll need to enter it for authentication.
Using SSH Agent to Manage Passphrases
If you set a passphrase for your private key and want to avoid entering it every time, you can use an SSH Agent. The SSH Agent temporarily stores your private key in memory, allowing quick, password-free connections throughout the current session.
Start the SSH Agent:
eval "$(ssh-agent -s)"
Add the Private Key to the SSH Agent:
ssh-add ~/.ssh/id_rsa
Once added, the SSH Agent will keep the unlocked key in memory, so you are not asked for the passphrase again, until you close your session or restart your computer.
Final Thoughts
SSH keys provide a secure and convenient way to connect to repositories on GitHub, GitLab, or Bitbucket without needing to type a password. Always ensure that your private key remains private and is stored securely on your computer. Using a passphrase and the SSH Agent is a great option for added security when necessary.
I hope this guide helps you easily and securely set up and use your SSH key!
Bonus
Some commands to generate an SSH key:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
ssh-keygen -t ed25519 -C "your_email@example.com"
🔐 Bonus: What Happens If You Leak Your SSH Key?
While SSH keys provide a secure and efficient way to authenticate with services like GitHub, GitLab, or Bitbucket, it's crucial to understand the risks if your SSH key — especially your private key — gets exposed.
🟢 If You Leak Your Public Key (id_rsa.pub)
No worries! The public key is designed to be shared.
It cannot be used to access your machine or any remote systems on its own, and does not pose a security risk.
🔴 If You Leak Your Private Key (id_rsa)
This is serious. Your private key is like a master password that proves your identity to services you've connected to.
If someone gains access to your private key, they can:
Impersonate you and push/pull code from repositories where your key is trusted (e.g., GitHub, GitLab).
Access servers where your public key is authorized.
Potentially insert malicious code or steal data from repositories or remote machines you control.
🔒 Important: They cannot directly access your local computer unless:
You are running an SSH server, and
They add your leaked private key to their SSH client.
🛡️ How to Protect Yourself
Always keep your private key secure. Never share it, commit it to a repository, or upload it to the cloud.
Use a passphrase when generating your SSH key. This adds an extra layer of protection in case your private key is compromised.
Use an SSH agent to manage passphrases securely during sessions.
If your private key is leaked, immediately:
Remove the associated public key from all trusted platforms (e.g., GitHub > Settings > SSH Keys).
Generate a new key pair, and
Replace the old key with the new one everywhere it was used.
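To check the storage and passphrase advice above on your own machine, this added example (not part of the original post) lists every private key under a directory and reports whether its file permissions are open to other users and whether it is passphrase-protected. The function names and sample files are constructed for illustration, and the passphrase check reads the key file's header instead of calling ssh-keygen.

```shell
#!/bin/sh
# Added example: audit every private key under a directory (default ~/.ssh).
# Output per key: "<path> perms=<ok|loose> passphrase=<yes|no>"

# base64 of "openssh-key-v1\0" + cipher name "none": an OpenSSH-format key
# body starts with this only when the key is NOT passphrase-encrypted.
OPENSSH_PLAIN='b3BlbnNzaC1rZXktdjEAAAAABG5vbmU'

key_has_passphrase() {
    case "$(head -n 1 "$1")" in
        *'BEGIN OPENSSH PRIVATE KEY'*)
            ! sed -n 2p "$1" | grep -q "^$OPENSSH_PLAIN" ;;
        *'BEGIN ENCRYPTED PRIVATE KEY'*)
            return 0 ;;
        *)  # legacy PEM keys mark encryption in a header line
            grep -q '^Proc-Type: 4,ENCRYPTED' "$1" ;;
    esac
}

key_perms_ok() {
    # chars 5-10 of the ls mode string are the group/other permission bits
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

audit_ssh_keys() {
    find "${1:-$HOME/.ssh}" -type f | sort | while IFS= read -r f; do
        head -n 1 "$f" | grep -q -e '^-----BEGIN .*PRIVATE KEY-----' || continue
        if key_perms_ok "$f"; then p=ok; else p=loose; fi
        if key_has_passphrase "$f"; then e=yes; else e=no; fi
        printf '%s perms=%s passphrase=%s\n' "$f" "$p" "$e"
    done
}

# Constructed sample files (headers only, not real key material).
make_sample_dir() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' \
        "${OPENSSH_PLAIN}AAAAEbm9uZQ" > "$d/id_plain"
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' \
        'b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHI' > "$d/id_enc"
    printf '%s\n' 'ssh-ed25519 AAAAC3Nza constructed' > "$d/id_enc.pub"
    chmod 644 "$d/id_plain"; chmod 600 "$d/id_enc" "$d/id_enc.pub"
    echo "$d"
}

d=$(make_sample_dir) && audit_ssh_keys "$d"; rm -rf "$d"
```

Any key reported as perms=loose should be tightened with chmod 600, and a key reported as passphrase=no can be given one with ssh-keygen -p -f followed by the key path.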