Post

SSH Key Setup for GitHub, GitLab, Proxmox, and Raspberry Pi

Comprehensive guide for setting up and maintaining SSH keys across multiple services, including key rotation, agent configuration, and PowerShell integration.

Posted
By Sreeju KS
4 min read
SSH Key Setup for GitHub, GitLab, Proxmox, and Raspberry Pi

This guide provides a comprehensive approach to managing SSH keys across multiple services in a Windows environment. Whether you’re connecting to GitHub, GitLab, Proxmox, or Raspberry Pi devices, this setup ensures secure and convenient access through PowerShell integration.

Key features of this setup:

  • Separate SSH keys for each service for enhanced security
  • PowerShell functions for quick access to different services
  • Automated SSH agent configuration
  • Regular key rotation and maintenance procedures
  • Windows-specific considerations and best practices

This configuration is particularly useful for developers and system administrators who need to manage multiple SSH connections while maintaining security best practices.

🛠️ SSH Key Generation

Generate a unique ED25519 key for each service. Using separate keys for different services enhances security through isolation:

1
2
3
4

ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_github -C "github key"
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_gitlab -C "gitlab key" 
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_proxmox -C "proxmox key"
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_rpi5 -C "rpi5 key"

⚠️ On Windows, ensure the ~/.ssh/ directory exists:

1

mkdir ~\.ssh

Adding Public Keys to Services

GitHub

  1. Open your public key file:
    • Navigate to C:\Users\YourUsername\.ssh\
    • Open id_ed25519_github.pub in a text editor
    • Copy the entire content (starts with ssh-ed25519 and ends with your email)
  2. Go to GitHub → Settings → SSH and GPG keys → New SSH key
  3. Give it a title (e.g., “Windows Laptop”)
  4. Paste the key and click “Add SSH key”

GitLab

  1. Open your public key file:
    • Navigate to C:\Users\YourUsername\.ssh\
    • Open id_ed25519_gitlab.pub in a text editor
    • Copy the entire content
  2. Go to GitLab → Preferences → SSH Keys
  3. Paste the key, add a title, and click “Add key”

Proxmox

  1. Open your public key file:
    • Navigate to C:\Users\YourUsername\.ssh\
    • Open id_ed25519_proxmox.pub in a text editor
    • Copy the entire content
  2. SSH into your Proxmox host using password authentication
  3. Create or edit the authorized_keys file:
    1
2

    mkdir -p ~/.ssh
nano ~/.ssh/authorized_keys
  4. Paste your public key on a new line
  5. Save the file (Ctrl+O, then Enter) and exit (Ctrl+X)
  6. Set proper permissions:
    1
2

    chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Raspberry Pi

  1. Open your public key file:
    • Navigate to C:\Users\YourUsername\.ssh\
    • Open id_ed25519_rpi5.pub in a text editor
    • Copy the entire content
  2. SSH into your Raspberry Pi using password authentication
  3. Create or edit the authorized_keys file:
    1
2

    mkdir -p ~/.ssh
nano ~/.ssh/authorized_keys
  4. Paste your public key on a new line
  5. Save the file (Ctrl+O, then Enter) and exit (Ctrl+X)
  6. Set proper permissions:
    1
2

    chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

🔐 SSH Config Setup (~/.ssh/config)

Create or edit your SSH config file to manage multiple service connections. This configuration enables easy switching between different services:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

Host github
    HostName github.com
    User git
    IdentityFile C:/Users/srees/.ssh/id_ed25519_github
    IdentitiesOnly yes

Host gitlab
    HostName gitlab.com
    User git
    IdentityFile C:/Users/srees/.ssh/id_ed25519_gitlab
    IdentitiesOnly yes

Host proxmox
    HostName proxmox.local # or your internal IP like 192.168.1.50
    User root
    Port 22
    IdentityFile C:/Users/srees/.ssh/id_ed25519_proxmox
    IdentitiesOnly yes

Host rpi5
    HostName raspberrypi5.local
    User rpi
    Port 22065
    IdentityFile C:/Users/srees/.ssh/id_ed25519_rpi5
    IdentitiesOnly yes

Host rpi4
    HostName rpimaster4.local
    User rpi
    Port 22
    IdentityFile C:/Users/srees/.ssh/id_ed25519_rpi5
    IdentitiesOnly yes

⚙️ PowerShell Function Setup

Edit your PowerShell profile to create convenient aliases for SSH connections:

1

notepad $PROFILE

Add these functions for quick access:

1
2
3
4
5

function rpi5 { ssh rpi5 }
function rpi4 { ssh rpi4 }
function proxmox { ssh proxmox }
function github { ssh github }
function gitlab { ssh gitlab }

Then reload the profile:

1

. $PROFILE

🔑 Key Rotation and Maintenance

Regular key rotation is essential for maintaining security. Here’s how to manage your SSH keys:

Key Rotation Process

  1. Generate New Keys
    1
2

    # Generate new key with a date suffix
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_github_new -C "github key $(Get-Date -Format 'yyyy-MM')"
  2. Update Services
    • Add the new public key to each service
    • Test the new key works
    • Remove the old key from services
    • Keep old keys for 30 days before deletion (in case of issues)
  3. Update Config
    • Modify ~/.ssh/config to point to new key files
    • Test all connections
    • Remove old key files after the grace period

Maintenance Schedule

  • Rotate keys every 6-12 months
  • Review key permissions quarterly
  • Backup SSH config and keys regularly
  • Document any changes to key configurations

✅ Usage

You can now SSH into each system with a simple command:

1
2
3
4

rpi5
proxmox
github
gitlab

📌 Notes and Best Practices

  • Make sure each service has its public key added (e.g., GitHub SSH settings, ~/.ssh/authorized_keys on RPi).
  • Always prefer ed25519 for secure and fast key generation.
  • Keep a secure backup of your SSH keys and config
  • Document any custom configurations or non-standard setups
  • Regularly audit your SSH keys and remove unused ones
Development Setup, Security, Windows, DevOps
ssh powershell github gitlab
This post is licensed under CC BY 4.0 by the author.