# How to Set Up Your Ubuntu Server for Secure, Password-Free Git Pulls (The Correct and Permanent Way)

If you’re deploying code to an Ubuntu server, you’ve probably typed GitHub credentials more times than you’d like. Or worse—maybe you tried embedding your GitHub Personal Access Token (PAT) directly inside a clone URL and discovered GitHub now rejects that method.

What you *really* want is simple:

✔ Run `git pull`, `git clone`, or `git fetch`  
✔ **Without entering username, password, or tokens**  
✔ **Without using sudo**  
✔ **And without leaking PATs**

This guide walks you through **the correct, secure, permanent way** to authenticate your Ubuntu server with GitHub using SSH keys—GitHub’s official recommended method.

---

## **Why You Should Stop Using HTTPS Tokens for Git**

GitHub removed support for passing a PAT inside the URL (like [`https://TOKEN@github.com/...`).  
It’s](https://TOKEN@github.com/...\).￼It’s) insecure and now officially blocked.

Instead, the long-term, secure solution is **SSH authentication**.

Benefits:

* 🔐 No passwords or tokens
    
* 🚀 Faster than HTTPS
    
* 🛡 Safe even on public servers
    
* 🔄 Works for pull/push automatically
    
* 🧹 Avoids `sudo git` permission disasters
    

---

# **Step 1 — Generate an SSH Key on Your Ubuntu Server**

Run the following command:

```bash
ssh-keygen -t ed25519 -C "your_github_email@example.com"
```

Press **Enter** to accept the default file location:

```plaintext
/home/youruser/.ssh/id_ed25519
```

You may also set a passphrase (optional, but more secure).

---

# **Step 2 — Start the SSH Agent & Add Your Key**

```bash
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519
```

This loads your key so Git can use it.

---

# **Step 3 — Copy Your Public Key**

```bash
cat ~/.ssh/id_ed25519.pub
```

Copy the full line that starts with:

```plaintext
ssh-ed25519 ...
```

---

# **Step 4 — Add the Key to Your GitHub Account**

1. Open GitHub
    
2. Go to **Settings → SSH and GPG keys**
    
3. Click **New SSH Key**
    
4. Paste your key
    
5. Save
    
6. Done 🎉
    

Your server is now trusted by GitHub.

---

# **Step 5 — Configure Your Git Repository to Use SSH**

If your repo is already cloned with HTTPS:

```bash
cd /path/to/your/repo
git remote set-url origin git@github.com:USERNAME/REPO.git
```

If not cloned yet, clone it directly with SSH:

```bash
git clone git@github.com:USERNAME/REPO.git
```

No passwords required.

---

# **Step 6 — Test Your Setup**

Try:

```bash
git pull
git push
```

Git should authenticate silently—no prompts.

---

# **Fixing the “sudo git” Problem (Optional but Important)**

Many developers accidentally run Git with `sudo`, which causes permission issues.

If that happened, fix ownership:

```bash
sudo chown -R $USER:$USER /path/to/your/repo
```

Never use `sudo git` unless working inside a restricted directory.

---

# **Bonus: Auto-Load SSH Keys After Reboot**

Create or edit:

```plaintext
~/.ssh/config
```

Add:

```plaintext
Host *
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_ed25519
```

Now your key loads automatically every login—no manual `ssh-add`.

---

# **You’re Done — Git Is Now Fully Automated**

With SSH authentication:

✔ No more usernames  
✔ No more passwords  
✔ No more PAT leaks  
✔ No more permission problems  
✔ Secure, permanent Git access on your Ubuntu server

Whether you’re deploying Node, Python, .NET, PHP, Docker, or anything else—this setup keeps your workflow fast, safe, and professional.
