A comprehensive guide on how to clone organization-owned private repositories on AWS EC2 instances using deploy keys. This method is secure and doesn’t require storing personal access tokens on the server.
Prerequisites
- An account with access to the private repository
- SSH connectivity to the EC2 instance established
- Basic knowledge of Linux Basic Commands
Step 1: Create Deploy Key on EC2 Instance
Generate SSH Key Pair
- SSH into your EC2 instance
- Generate a new SSH key pair:
ssh-keygen -t ed25519 -a 100 -C "your-github-email@example.com"Note
Replace
your-github-email@example.comwith your actual GitHub account email
- Navigate to the SSH directory (usually
/home/ec2-user/.sshor/home/ubuntu/.ssh) - Display the public key:
cat ~/.ssh/id_ed25519.pubCopy this public key - you’ll need it for the next step.
Step 2: Add Deploy Key to GitHub Repository
- Navigate to your private repository on GitHub
- Click on Settings in the top navigation bar
- Select Deploy Keys from the left sidebar
- Click Add deploy key button
- Enter:
- Title: A descriptive name for this deploy key
- Key: Paste the public key from Step 1
- Click Add key to save
Warning
Do not modify the public key content when pasting it into GitHub
Step 3: Test GitHub Connection
Verify that your EC2 instance can authenticate with GitHub:
ssh -T git@github.comYou might see a confirmation prompt:
Are you sure you want to continue connecting (yes/no/[fingerprint])?
Type yes to proceed.
Expected Success Response
Warning: Permanently added 'github.com' (ED25519) to the list of known hosts.
Hi YourORG/YourRepo! You've successfully authenticated, but GitHub does not provide shell access.
Step 4: Install Git (if not already installed)
Update package manager and install Git:
# For Amazon Linux/CentOS/RHEL
sudo yum update
sudo yum install git
# For Ubuntu/Debian
sudo apt update
sudo apt install gitStep 5: Clone the Private Repository
Now you can clone your private repository using SSH:
git clone git@github.com:OrgName/your-repo.gitReplace OrgName/your-repo.git with your actual organization and repository name.
or just
Debug SSH Connection
For detailed debugging information:
ssh -vT git@github.comTip
This method is preferred over using personal access tokens as it provides repository-specific access and doesn’t expose your personal GitHub credentials.