2025-12-11
My repository remotes are set up to use deploy keys exclusively, as I don’t want to inadvertently push changes from the wrong account due to forgetting to change the local machine user’s credentials.
I used to do so by keeping several subdirectories inside my .ssh directory for per-account keys and manually pasting them outside whenever I want to push a specific repo, but it’s cumbersome and still quite error-prone.
Eventually I came across this SuperUser answer and adapted it with my slight twist leveraging the fact that the .git directory’s contents are well-behaved and don’t read or modify anything that Git doesn’t recognize, so no risk of accidentally committing keys.
Assuming the filenames of your private/public keypair are respectively id_ed25519 and id_ed25519.pub :
Paste the private key file id_ed25519 into the .git directory of your current repo,
i.e. it should be located at
(Since SSH don’t actually care about the key’s filename, you can rename your keyfile to a more descriptive one as long as you reconfigure the sshCommand accordingly to refer to the right file)
Now anytime you push this repository to remote, it will use that private key file instead of the one located in your machine user’s .ssh directory.
This setup is localized to that repo and is entirely self-contained, i.e. you can move the repo to a different path or place it on a thumb drive to a different machine and it will work without reconfiguring.
... continue reading