Git Clone, Push, And Pull Over SSH

Last Updated on 2023-04-26

The short answer

To clone a Git repository using the SSH protocol, you can use the [.inline-code]git clone[.inline-code] command with a valid SSH URL as follows:

 $ git clone git@host:username/repository.git


  • [.inline-code]host[.inline-code] represents the domain name or the IP address of the hosting server.
  • [.inline-code]username[.inline-code] represents your user account.
  • [.inline-code]repository[.inline-code] represents the name of the Git repository you want to clone.

For example:

 $ git clone

[#cloning]Cloning with SSH vs. HTTPS[#cloning]

The main difference between cloning a remote repository with SSH and HTTPS is the way the authentication is handled.

When using HTTPS, Git will prompt you for your username and password during the authentication process.

On the other hand, when using SSH, Git uses your SSH key to authenticate, which means that you don’t need to send your credentials over the network.

In that sense, SSH is a more secure method for cloning repositories and pushing / pulling commits, as only the machines with the key file on disk are able to access the repositories.

Moreover if the SSH key file was to be stolen, it won’t give access to the account itself (unlike the credentials) and can be easily revoked.

[#ssh-for-git]Set up SSH for Git[#ssh-for-git]

In order to be able to clone a remote Git repository using the SSH protocol, you will have to create a new SSH key pair on your local machine, and add this key to your Git hosting service. We will be using GitHub as our Git hosting service in the following examples, but others will work just as well.

[#recall-syntax]Using Warp's AI to quickly retrieve these steps[#recall-syntax]

If you’re using Warp as your terminal, you can easily retrieve an approximation of the steps described below using Warp's AI feature:

For that:

  1. Click on the bolt icon on the top right of the terminal
  2. Type in your question; for example: "How do I add a new SSH key to my Github account".
  3. Press [.inline-code]ENTER[.inline-code] to generate an answer.

As with any AI-powered tool, use it as a starting point and not a final answer. We’ll dig into more depth in our human-powered writeup below.

[#generate-key]Step 1: Generate a new SSH key with ssh-keygen[#generate-key]

To generate a new SSH key pair on your local machine, you can use the [.inline-code]ssh-keygen[.inline-code] command as follows:

 $ ssh-keygen -t ed25519 -C “”


  • The [.inline-code]-t[.inline-code] flag is used to specify the type of key to create, in this case, an ed25519, which is a popular type of public-key cryptography.
  • The [.inline-code]-C[.inline-code] flag is used to provide additional information about the key, such as its purpose or the user who generated it.

When prompted with this question, simply press [.inline-code]ENTER[.inline-code] to validate the recommended file path the key pair will be saved at, or type in another path if a similar file already exists in the [.inline-code].ssh[.inline-code] directory.

 Generating public/private ed25519 key pair.
 Enter file in which to save the key (/home/johndoe/.ssh/id_ed25519):

To the following questions, type in a passphrase to secure your key, and press [.inline-code]ENTER[.inline-code] once again to complete the process.

 Enter passphrase (empty for no passphrase):
 Enter same passphrase again:

You should now see a similar output in your terminal window confirming that the key was successfully generated:

 The key's randomart image is:
 +--[ED25519 256]--+
 |o.+o ..          |
 |. +o....+        |
 | +.=  .o.        |
 |o.+ o . .  .      |
 |o+ . . .So .     |
 |*.    oo+ o .    |
 |o*.  o =E= o     |
 |ooo.o =..o o      |
 |.o+o++ ..        |

And you should be able to find the following files in your [.inline-code].ssh[.inline-code] directory:

 $ ls ~/.ssh


  • The [.inline-code]id_ed25519[.inline-code] file is your private key whose content should be kept confidential.
  • The [.inline-code][.inline-code] file is your public key that we'll use in the next step.

[#add-public-key]Step 2: Add a public key to your GitHub account[#add-public-key]

To add a public key to your GitHub account, first display the content of the public key file you've just created using the [.inline-code]cat[.inline-code] command, and copy it to your clipboard using [.inline-code]CTRL+C[.inline-code] (or [.inline-code]CMD+C[.inline-code] on MacOS).

 $ cat ~/.ssh/

Alternatively, you can use the [.inline-code]pbcopy[.inline-code] command on MacOS as follows:

 $ pbcopy < ~/.ssh/

Once you've done that:

  1. Log in to your GitHub account.
  2. Navigate to “Settings”.
  3. Click on “SSH and GPG keys” in the left menu
  4. Click on the “New SSH key” button.

Or directly follow this link

From here:

  1. Add a short descriptive title in the [.inline-code]Title[.inline-code] field.
  2. Paste the public key in the [.inline-code]Key[.inline-code] field
  3. Click on the "Add SSH key" button to finalize the process.

[#clone]Step 3: Clone a repository[#clone]

To verify that the SSH key you’ve just added to your account works:

  1. Navigate to the repository you wish to clone.
  2. Click on the "Code" button.
  3. Copy the URL located under the "SSH" tab.

  1. Run the [.inline-code]git clone[.inline-code] command in your terminal with the URL you just copied.

[#specify-key]Step 4: Specify the SSH key to the ssh-agent[#specify-key]

If you don't want to type in your password every time your SSH key is used by Git, you can add your key to the list of keys managed by the SSH agent. To do so, first make sure that the SSH agent is running using the following command:

 $ eval "$(ssh-agent -s)"

Then add your private key file using the following [.inline-code]ssh-add[.inline-code] command:

 $ ssh-add ~/.ssh/id_ed25519

[#commits-with-ssh][.inline-code]git[.inline-code] pushing and pulling commits with SSH[#commits-with-ssh]

Once you've cloned a Git repository on your local machine with SSH, every commit you push and pull will automatically go through the SSH protocol, with no additional configuration steps required.