When setting up SSH keys for secure communication with GitHub, it’s important to verify the RSA key fingerprint. This process ensures that the keys are correctly configured and associated with your GitHub account. This article will guide you through the steps to generate, add, and calculate the RSA key fingerprint for GitHub.

Generating Private keys

To generate a private key:

• In the upper-right corner of GitHub, click your profile photo and navigate to your account settings.
• For a personal account, click Settings. For an organization, click Your Organizations and then Settings next to the desired organization.
• In the left sidebar, click Developer settings, then GitHub Apps.
• Next to the desired GitHub App, click Edit.
• Under Private keys, click Generate a private key.
• A private key in PEM format will be downloaded to your computer. Store this file securely as GitHub only retains the public portion of the key. For more information on secure storage, refer to GitHub’s documentation on storing private keys.

Generate an RSA Key Pair

If you haven’t already generated an RSA key pair, you’ll need to create one. Follow these steps to generate a new SSH key pair

Step 1: Open Terminal

Open your terminal application.

Step 2: Generate the Key Pair

Use the ssh-keygen command to generate a new RSA key pair. Replace [email protected] with your email address.

ssh-keygen -t rsa -b 4096 -C "[email protected]"

Step 3: Save the Key Pair

You’ll be prompted to save the key pair to a specific file location. Press Enter to accept the default location, or specify a different path.

Enter file in which to save the key (/Users/your_username/.ssh/id_rsa)

Step 4: Enter a Passphrase (Optional)

You can enter a passphrase to add an extra layer of security. This step is optional but recommended.

Enter passphrase (empty for no passphrase):
Enter same passphrase again:

passphrase to add an extra layer of security

Add the SSH Key to the SSH Agent

To manage your SSH keys, you need to add the newly generated key to the SSH agent.

Step 1: Start the SSH Agent

Ensure the SSH agent is running.

eval "$(ssh-agent -s)"

Step 2: Add the SSH Key

Use the ssh-add command to add your private key to the SSH agent.

ssh-add ~/.ssh/id_rsa

Step 3: Calculate the RSA Key Fingerprint

After adding your SSH key to GitHub, you can calculate the key fingerprint to verify it.

Step 4: Calculate the Fingerprint

Use the ssh-keygen command to generate the fingerprint of your public key.

ssh-keygen -lf ~/.ssh/id_rsa.pub

The output will look something like this:

2048 SHA256:AbCdEfGhIjKlMnOpQrStUvWxYz123
4567890abcdef1234567890 user@hostname (RSA)

Here, SHA256:AbCdEfGhIjKlMnOpQrStUvWxYz1234567890abcdef1234567890 is the fingerprint of your RSA key.

ssh-keygen command to generate the fingerprint of your public key

Verify the RSA Key Fingerprint on GitHub

To ensure that your SSH key is correctly added and recognized by GitHub, you can verify the fingerprint:

Step 1: Test the SSH Connection

Use the following command to test the SSH connection to GitHub

ssh -T [email protected]

You should see a message similar to this:

Hi username! You've successfully authenticated, but GitHub does not provide shell access.

Step 2: Compare Fingerprints

GitHub provides the fingerprints of all the keys added to your account. You can view these on the “SSH and GPG keys” settings page. Compare the fingerprint you calculated with the one displayed on GitHub to ensure they match.

Conclusion

Calculating and verifying the RSA key fingerprint ensures secure communication between your local machine and GitHub. By following these steps, you can generate an RSA key pair, add it to your GitHub account, calculate its fingerprint, and verify it. This process helps in maintaining the security and integrity of your Git operations on GitHub.