Using a Separate SSH Key for GitHub
· Jerwin Arnado · 3 min read ·
To use a separate, custom SSH key for GitHub instead of your default identity, you must generate the key, configure your local SSH configuration file to point to the separate private key, and then update your GitHub repository’s remote URL to match.
Step 1: Generate the Separate Key
Create a new key pair with its own filename so it never collides with your default id_ed25519 / id_rsa. Ed25519 is the modern default; use RSA only if a host requires it.
# Modern default (recommended)
ssh-keygen -t ed25519 -C "[email protected]" -f ~/.ssh/your_separate_key_name
# RSA fallback, if you need it
ssh-keygen -t rsa -b 4096 -C "[email protected]" -f ~/.ssh/your_separate_key_name
The -f flag sets the filename so the prompt won’t overwrite your default key; -C is just a label. This writes the private key to ~/.ssh/your_separate_key_name and the public key to ~/.ssh/your_separate_key_name.pub.
Step 2: Create a Custom SSH Config Rule
You need to tell your machine exactly when to use your separate key file.
- Open or create your SSH configuration file (
~/.ssh/config) using a text editor. - Add a custom host definition like the block below:
# Custom GitHub Account Profile
Host github.com-separate
HostName github.com
User git
IdentityFile ~/.ssh/your_separate_key_name
IdentitiesOnly yes
(Note: Point IdentityFile at the exact filename of your private key from Step 1, not the .pub file. IdentitiesOnly yes prevents SSH from falling back to your default id_ed25519 / id_rsa key.)
Step 3: Add Your Public Key to GitHub
- Copy the contents of your separate public key (
.pubfile). - Log in to GitHub.
- Go to Settings > SSH and GPG keys > New SSH key.
- Paste the public key string and save it.
Step 4: Clone or Update Your Repositories
Because you assigned a custom nickname (github.com-separate) in your configuration file, you must swap out github.com in your repository URLs with that exact nickname.
- To clone a new repository:
git clone [email protected]:username/repo-name.git - To fix an existing repository already on your machine:
Navigate into the local repository directory and run:
git remote set-url origin [email protected]:username/repo-name.git
Alternative: Repo-Specific Git Configuration
If you only need this key for a single project and prefer not to alter your global SSH setup, you can enforce the key directly through your local Git repository settings. Navigate into your local repository folder and execute:
git config core.sshCommand "ssh -i ~/.ssh/your_separate_key_name -F /dev/null"
This forces that single repository to use your specific key file for all pushes and pulls without relying on a global config file.