UseCase10_GitHubSSH - sandersdHES/PAMEmergingTech GitHub Wiki

6.10 Connecting to GitHub using SSH keys generated by PAM360

Objective

This use case demonstrates how to use PAM360 to securely manage and store SSH keys used for accessing GitHub. It includes generating SSH keys, configuring GitHub to use the public key, storing the private key securely in PAM360, and testing authentication.

Context

GitHub supports SSH key-based authentication for pushing and pulling code securely without using a password or token. While this is convenient, private key security is critical. PAM360 allows you to safely manage private keys, associate metadata, and monitor their use—aligning with privileged access best practices.

Prerequisites

Admin access to PAM360
A GitHub account
A local terminal with SSH and keygen tools installed
Git installed (to test SSH authentication)

Step 1: Generate an SSH Key Pair

In your terminal (Linux/macOS/WSL on Windows), run:

ssh-keygen -t rsa -b 4096 -f "$HOME\.ssh\github_pam360_key"

This will generate:

github_pam360_key → Private key
github_pam360_key.pub → Public key

Alternative: PAM360 can also generate the key pair for you (with passphrase) via its SSH Key Management feature. This will be showcased in the use case 6.xx

Step 2: Add the Public Key to GitHub

Open GitHub SSH Key Settings
Click “New SSH key”
Provide a name like pam360 test
Paste the contents of your github_pam360_key.pub file

Step 3: Store the Private Key in PAM360

Go to PAM360 > Resources > SSH Keys
Click “Add SSH Key”
Upload the private key file: github_pam360_key
Optionally, add metadata:
- Usage: GitHub Access
- Associated User/Team
- Expiration Policy, etc.

PAM360 ensures the key is encrypted at rest and access-controlled.

Step 4: Test SSH Authentication to GitHub

Use the command line to test the private key manually:

ssh -i ~/.ssh/github_pam360_key -T [email protected]

If everything is configured properly, GitHub should respond:

Hi your-username! You've successfully authenticated...