Environment variable GIT_SSH_COMMAND:

From Git version 2.3.0, you can use the environment variable GIT_SSH_COMMAND like this:

GIT_SSH_COMMAND="ssh -i ~/.ssh/id_rsa_example" git clone example

Note that -i can sometimes be overridden by your config file, in which case, you should give SSH an empty config file, like this:

GIT_SSH_COMMAND="ssh -i ~/.ssh/id_rsa_example -F /dev/null" git clone example

Configuration core.sshCommand:

From Git version 2.10.0, you can configure this per repo or globally, so you don't have to set the environment variable any more!

git config core.sshCommand "ssh -i ~/.ssh/id_rsa_example -F /dev/null"

git pull

git push

There is no direct way to tell git which private key to use, because it relies on ssh for repository authentication. However, there are still a few ways to achieve your goal:

Option 1: ssh-agent

You can use ssh-agent to temporarily authorize your private key.

For example:

$ ssh-agent sh -c 'ssh-add ~/.ssh/id_rsa; git fetch user@host'

Option 2: GIT_SSH_COMMAND

Pass the ssh arguments by using the GIT_SSH_COMMAND environment variable
(Git 2.3.0+).

For example:

$ GIT_SSH_COMMAND='ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' 

  git clone user@host

_{You can type this all on one line — ignore $ and leave out the .}

Option 3: GIT_SSH

Pass the ssh arguments by using the GIT_SSH environment variable to specify alternate ssh binary.

For example:

$ echo 'ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $*' > ssh

$ chmod +x ssh

$ GIT_TRACE=1 GIT_SSH='./ssh' git clone user@host

_{Note: The above lines are shell (terminal) command lines which you should paste into your terminal. They will create a file named ssh, make it executable, and (indirectly) execute it.}

^{Note: GIT_SSH is available since v0.99.4 (2005).}

Option 4: ~/.ssh/config

Use the ~/.ssh/config file as suggested in other answers in order to specify the location of your private key, e.g.

Host github.com

  User git

  Hostname github.com

  IdentityFile ~/.ssh/id_rsa

Write a script that calls ssh with the arguments you want, and put the filename of the script in $GIT_SSH. Or just put your configuration in ~/.ssh/config.

If you do not want to have to specify environment variables every time you run git, do not want another wrapper script, do not/can not run ssh-agent(1), nor want to download another package just for this, use the git-remote-ext(1) external transport:

$ git clone 'ext::ssh -i $HOME/.ssh/alternate_id git.example.com %S /path/to/repository.git'

Cloning into 'repository'

(...)

$ cd repository

$ git remote -v

origin  ext::ssh -i $HOME/.ssh/alternate_id git.example.com %S /path/to/repository.git (fetch)

origin  ext::ssh -i $HOME/.ssh/alternate_id git.example.com %S /path/to/repository.git (push)

I consider this solution superior because:

• It is repository/remote specific


• Avoid wrapper script bloat


• Do not need the SSH agent -- useful if you want unattended clones/push/pulls (e.g. in cron)


• Definitely, no external tool needed

After my struggle with $GIT_SSH I would like to share what worked for me.

Through my examples I will assume you have your private key located at/home/user/.ssh/jenkins

Error to avoid: GIT_SSH value includes options

$ export GIT_SSH="ssh -i /home/user/.ssh/jenkins"

or whatever similar will fails, as git will try to execute the value as a file. For that reason, you have to create a script.

Working example of $GIT_SSH script /home/user/gssh.sh

The script will be invoked as follows:

$ $GIT_SSH [username@]host [-p <port>] <command>

Sample script working could look like:

#!/bin/sh

ssh -i /home/user/.ssh/jenkins $*

Note the $* at the end, it is important part of it.

Even safer alternative, which would prevent any possible conflict with anything in your default config file (plus explicitly mentioning the port to use) would be:

#!/bin/sh

ssh -i /home/user/.ssh/jenkins -F /dev/null -p 22 $*

Assuming the script is in /home/user/gssh.sh, you shall then:

$ export GIT_SSH=/home/user/gssh.sh

and all shall work.

Use custom host config in ~/.ssh/config, like this:

Host gitlab-as-thuc  

    HostName github.com

    User git

    IdentityFile ~/.ssh/id_rsa.thuc

    IdentitiesOnly yes

then use your custom hostname like this:

git remote add thuc git@gitlab-as-thuc:your-repo.git  

You can just use ssh-ident instead of creating your own wrapper.

You can read more at:
https://github.com/ccontavalli/ssh-ident

It loads ssh keys on demand when first needed, once, even with multiple login sessions, xterms or NFS shared homes.

With a tiny config file, it can automatically load different keys and keep them separated in different agents (for agent forwarding) depending on what you need to do.

I had a client that needed a separate github account. So I needed to use a separate key just for this one project.

My solution was to add this to my .zshrc / .bashrc:

alias infogit="GIT_SSH_COMMAND="ssh -i ~/.ssh/id_specialkey" git $@"

Whenever I want to use git for that project I replace "infogit" with git:

infogit commit -am "Some message" && infogit push

For me, it's easier to remember.

My solution was this:

create a script:

#!/bin/bash

KEY=dafault_key_to_be_used

PORT=10022 #default port...

for i in $@;do

   case $i in

    --port=*)

        PORT="${i:7}";;

    --key=*)KEY="${i:6}";;

   esac

done

export GIT_SSH_COMMAND="ssh -i $HOME/.ssh/${KEY} -p ${PORT}"

echo Command: $GIT_SSH_COMMAND

then when you have to change the var run:

. ./thescript.sh [--port=] [--key=]

Don't forget the extra dot!! this makes the script set the environments vars!! --key and --port are optional.

So I set the GIT_SSH env variable to $HOME/bin/git-ssh.

In order to support having my repo configuration dictate which ssh identity to use, my ~/bin/git-ssh file is this:

#!/bin/sh

ssh -i $(git config --get ssh.identity) -F /dev/null -p 22 $*

Then I have a global git config setting:

$ git config --global ssh.identity ~/.ssh/default_id_rsa

And within any git repository I can just set a local ssh.identity git config value:

$ git config --local ssh.identity ~/.ssh/any_other_id_rsa

Voila!

If you can have a different email address for each identity, it gets even simpler, because you can just name your keys after your email addresses and then have the git config's user.email drive the key selection in a ~/bin/git-ssh like this:

#!/bin/sh

ssh -i $HOME/.ssh/$(git config --get user.email) -F /dev/null -p 22 $*

Generally, you want to use ~/.ssh/config for this. Simply pair server addresses with the keys you want to use for them as follows:

Host github.com

  IdentityFile ~/.ssh/id_rsa.github

Host heroku.com

  IdentityFile ~/.ssh/id_rsa.heroku

Host *

  IdentityFile ~/.ssh/id_rsa

Host * denotes any server, so I use it to set ~/.ssh/id_rsa as the default key to use.

I build on @shellholic and this SO thread with a few teaks. I use GitHub as an example and assume that you have a private key in ~/.ssh/github (otherwise, see this SO thread) and that you added the public key to your GitHub profile (otherwise see GitHub's help).

If needed, create a new SSH config file at ~/.ssh/config and change permissions to 400

touch ~/.ssh/config

chmod 600 ~/.ssh/config

Add this to the ~/.ssh/config file:

Host github.com

    IdentityFile ~/.ssh/github

    IdentitiesOnly yes

If you already have a remote set up, you may want to delete it, otherwise you may still be prompted for username and password:

git remote rm origin

Then add a remote to the git repository, and notice the colon before the user name:

git remote add origin git@github.com:user_name/repo_name.git

And then git commands work normally, e.g.:

git push origin master

git pull origin 

@HeyWatchThis on this SO thread suggested adding IdentitiesOnly yes to prevent the SSH default behavior of sending the identity file matching the default filename for each protocol. See that thread for more information and references.

I'm using git version 2.16 and I don't need a single piece of script not even a config or modified commands.

• Just copied my private key to .ssh/id_rsa


• set permissions to 600

And git reads to key automatically. I doesn't ask anything and it doesn't throw an error. Just works fine.

Just use ssh-agent and ssh-add commands.

# create a agent

ssh-agent



# add your default key

ssh-add ~/.ssh/id_rsa



# add your second key

ssh-add ~/.ssh/<your key name>

After execute above commands, you can use both key as same time.
Just type

git clone git@github.com:<yourname>/<your-repo>.git

to connect your repository.

You need to execute above command after you reboot your machine.

English is not my native language; please excuse typing errors.

While the question doesn't request it, I am including this answer for anyone else looking to solve the same problem just specifically for gitlab.

The gitlab solution

I tried using the environment-variables approach, but even the git documentation recommends using ~/.ssh/config for anything more than the simple case. In my case I am pushing to a gitlab server - and I wanted to do so as a specific user - which is of course defined by the private-key during authentication and not the username git. Once implemented I simply perform the following:

~/myrepo> git mycommit -m "Important Stuff"

~/myrepo> git mypush

[proceed to enter passphrase for private key...]

Setup

Recall the location of your private-key /myfolder/.ssh/my_gitlab_id_rsa in my case.

Add an entry in ~/.ssh/config:

Host gitlab-delegate

    HostName gitlab.mydomain.com

    User git

    IdentityFile /myfolder/.ssh/my_gitlab_id_rsa

    IdentitiesOnly yes

Add the git-alias in ~/.gitconfig:

mypush = "!f() { 

           path=$(git config --get remote.origin.url | cut -d':' -f2); 

           branch=$(git rev-parse --abbrev-ref HEAD); 

           git remote add gitlab_as_me git@gitlab-delegate:$path && 

           git push gitlab_as_me $branch && 

           git pull origin $branch; 

           git remote remove gitlab_as_me; 

         }; f"

As a bonus, I perform my commits on this same host as a specific user with this git-alias:

mycommit = "!f() { 

             git -c "user.name=myname" -c "user.email=myname@mysite.com" commit "$@"; 

           }; f"

Explanation

All of the above assumes the relevant remote is origin and the relevant branch is currently checked out. For reference I ran into several items that needed to be addressed:

• The solution requires creating a new remote gitlab_as_me, and I didn't like seeing the extra remote hanging around in my log tree so I remove it when finished


• In order to create the remote, there is a need to generate the remote's url on the fly - in the case of gitlab this was achieved with a simple bash cut
  


• When performing a push to gitlab_as_me you need to be specific about what branch you are pushing


• After performing the push your local origin pointer needs to be "updated" in order to match gitlab_as_me (the git pull origin $branch does this)