Switching Github accounts
17 October, 2023
After using my personal account for over a decade, I recently created a new GitHub account for work. This helps me keep the two identities separate and the attribution remains linked to the correct corresponding account.
Transitioning the organizations and repositories was fairly straight-forward. However, I encountered difficulties once I tried to run
git pull in one of the work repositories. Later that day, I received a message from my team that one of the GitHub Action was failing. This was because the action was using a token which was generated from my personal account. I generated a new token using the work account and it started working.
The larger issue to address was how to push or pull to repositories linked to two different GitHub accounts. I needed to use two different authentication identity providers. Until now, I was using the GitHub CLI for multiple purposes including authentication, but now it looked like I’d need to switch back to using ssh keys.
I generated two keys for personal and work use:
ssh-keygen -t ed25519 -C "[email protected]" -f $HOME/.ssh/personal -P "" ssh-keygen -t ed25519 -C "[email protected]" -f $HOME/.ssh/work -P ""
and then configured the
$HOME/.ssh/config file to specify the ssh key based on the
Host skippednote.github.com HostName github.com PreferredAuthentications publickey IdentityFile ~/.ssh/personal Host axelerant.github.com HostName github.com PreferredAuthentications publickey IdentityFile ~/.ssh/work
This works great for repositories like
github.com/axelerant/create-drupal-theme. Since, GitHub doesn’t have groups, at work we have numerous organizations under our GitHub enterprise like
github.com/axelerant-project-kahn. To address this, I’d have to keep updating the config file to add new
Host’s. Despite the overhead, this fix works. However, it didn’t seem like a satisfactory solution to me.
All my repositories can be found in the
code directory under
$HOME. This directory is further divided into two sections:
~/code/work. This segregation allows me to execute certain commands based on which directory I’m currently in.
GitHub CLI allows us to authenticate interactively or using a token. The token can be read from a file using:
gh auth login --from-token < FILE_NAME.txt
GH_TOKEN environment variable exists, we don’t need have a separate file and this is where
direnv would help us.
I generated two different Personal Access Token from my personal and work accounts with
read:org scopes assigned.
With two PAT tokens from two different accounts, I created
.envrc files under
These files were populated with the following content
export GH_TOKEN=[WORK/PERSONAL_GITHUB_TOKEN_VALUE] export GIT_SSH_COMMAND="ssh -i ~/.ssh/[either `personal` or `work`]" gh auth login --hostname=github.com
Now every time I
cd into a directory under
personal direnv would use the specified token in the
.envrc and log me into the corresponding GitHub account.
Using SSH everywhere
The last update to make everything work smoothly is to use
ssh instead of
https. To make this update globally I updated my global
git config --global url.ssh://[email protected]/.insteadOf https://github.com/
Switching Email Address
Regardless of which repository I committing to I was seeing my personal email next to my name. A simple work around for this is to override the git author email using
direnv. Updating the
.envrc to include the work and personal emails resolved this.
export GH_TOKEN=[WORK/PERSONAL_GITHUB_TOKEN_VALUE] export GIT_AUTHOR_EMAIL=[WORK/PERSONAL_EMAIL_ADDRESS] export GIT_SSH_COMMAND="ssh -i ~/.ssh/[either `personal` or `work`]" gh auth login --hostname=github.com
I noticed that I was seeing both my work and personal accounts showing up on all my commits.
This happens because your commit has properties for the
author and the
committer. To override this, I had to set an additional environment variable for the committer: