Skip to content

Instantly share code, notes, and snippets.

@gabriel-lopez

gabriel-lopez/yubikey-ssh-auth-setup.md

Created March 15, 2026 09:12
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save gabriel-lopez/0f39a2b5e0d6be008375bfe8940667c3 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save gabriel-lopez/0f39a2b5e0d6be008375bfe8940667c3 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
yubikey-ssh-auth-setup.md

GitHub Authentication via SSH using a YubiKey

1. Generate a resident authentication key

A separate key from the signing one — same process, different application name:

ssh-keygen -t ed25519-sk -O resident -O application=ssh:<your-username>-auth -O user=<your-username> -C "<your-email>" -f "$env:USERPROFILE\.ssh\id_ed25519_sk_<your-username>-auth"

2. Add the public key to GitHub

Copy the public key:

Get-Content "$env:USERPROFILE\.ssh\id_ed25519_sk_<your-username>-auth.pub"

Go to GitHub → Settings → SSH and GPG keys → New SSH key:

  • Title: YubiKey <your-username> auth
  • Key type: Authentication Key
  • Paste the public key

3. Configure SSH to use this key for GitHub

Add to ~\.ssh\config (create the file if it doesn't exist):

Host github.com
    IdentityFile ~/.ssh/id_ed25519_sk_<your-username>-auth
    IdentitiesOnly yes

Add-Content "$env:USERPROFILE\.ssh\config" "`nHost github.com`n    IdentityFile ~/.ssh/id_ed25519_sk_<your-username>-auth`n    IdentitiesOnly yes"

4. Test the connection

ssh -T git@github.com

Expected response: Hi <your-username>! You've successfully authenticated, but GitHub does not provide shell access.

5. Set the repo remote to SSH

git remote set-url origin git@github.com:<your-username>/<your-repo>.git

Verify:

git remote -v

6. Push

git push -u origin main

Touch the YubiKey when prompted.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment