Header

GitHub - Using Machine Users

What are Machine Users?

A machine user is a GitHub account specifically created for automated processes, servers, or deployment scripts. Unlike personal user accounts, machine users are designed to provide a streamlined way to access multiple repositories without the complexity of managing multiple deploy keys.

Benefits of Using Machine Users

  • Simplified Access Management: Add the machine user as a collaborator to multiple repositories
  • Easy Access Control: Quickly grant or revoke access by adding or removing the user from repositories
  • Single SSH Key: Use one SSH key for multiple repository interactions
  • Clean Separation: Keep automated access separate from personal accounts

How to Set Up a Machine User

1. Create a Machine User Account

  1. Go to GitHub and create a new account
  2. Use an email alias if desired (e.g., youremail+machineuser@gmail.com)
  3. Choose a descriptive username that indicates its purpose

2. Add Machine User to Repositories

For each repository the machine user needs to access:

  1. Navigate to the repository settings
  2. Click on "Collaborators and teams"
  3. Add the machine user as a collaborator
  4. Select appropriate access level (Read or Write)

3. Generate SSH Key for Machine User

# Generate SSH key
ssh-keygen -t ed25519 -C "machine-user@example.com"

# Add the key to the machine user's GitHub account
# Copy the contents of the public key (~/.ssh/id_ed25519.pub)
# Paste it in GitHub account settings > SSH and GPG keys

# Edit ~/.ssh/config
Host github.com
    User git
    IdentityFile ~/.ssh/machine_user_key

Best Practices

  • Use a unique, strong password for the machine user
  • Limit the machine user's access to only necessary repositories
  • Regularly audit and rotate SSH keys
  • Consider using GitHub's personal access tokens for additional security options

Potential Limitations

  • Machine users count towards GitHub's user limits
  • Requires manual management of repository access
  • Not suitable for complex access control scenarios

Troubleshooting

  • Ensure the SSH key is correctly added to both the machine user's GitHub account and the local SSH configuration
  • Verify repository collaborator permissions
  • Check SSH connectivity with ssh -T git@github.com

Alternatives to Consider

  • GitHub Actions
  • Deploy keys (for single repository access)
  • GitHub Apps (for more complex automation needs)

Note: Always follow your organization's security policies when implementing machine users.

Tree

Proudly powered by Katapult. Running on 100% renewable energy.