GitHub SSH on a VPS (Reliable Deploy Access)

If git pull on a VPS fails with:

Invalid username or token. Password authentication is not supported

you should switch to SSH-based authentication.

This is the most reliable setup for pull-based deploys.

1. Create a dedicated SSH key on the VPS

mkdir -p ~/.ssh && chmod 700 ~/.ssh
ssh-keygen -t ed25519 -C "vps-website" -f ~/.ssh/id_ed25519 -N ""
chmod 600 ~/.ssh/id_ed25519
chmod 644 ~/.ssh/id_ed25519.pub
cat ~/.ssh/id_ed25519.pub

Copy the printed public key.

2. Add the key to GitHub as a Deploy Key

In your repository:

• Settings
• Deploy keys
• Add deploy key

Use read-only unless the VPS must push.

3. Trust GitHub host keys

ssh-keyscan github.com >> ~/.ssh/known_hosts
chmod 644 ~/.ssh/known_hosts

This avoids interactive host verification prompts during deploy.

4. Test SSH access

ssh -T git@github.com

Expected: an authentication success message from GitHub.

5. Move repository remote from HTTPS to SSH

cd /opt/website
git remote set-url origin git@github.com:adrian-altner/website.git
git remote -v
git fetch
git pull

At this point, deploy updates work without PAT prompts.

6. Optional: explicit SSH config

For stricter control:

# ~/.ssh/config
Host github.com
  HostName github.com
  User git
  IdentityFile ~/.ssh/id_ed25519
  IdentitiesOnly yes

Then:

chmod 600 ~/.ssh/config

7. Quick troubleshooting

• Permission denied (publickey): key not added (or added to wrong repo/account).
• Repository not found: remote URL typo or missing repo access.
• Host key verification failed: missing known_hosts entry.

The key idea is simple: deployments should depend on machine identity, not interactive passwords.