Automic VaultAutomic Vault

brew

Install github-keygen with Homebrew

Bootstrap GitHub SSH configuration. Version 1.401 via Homebrew; verified from local package data.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install github-keygen

local Homebrew formula metadata

overview

Package summary

Bootstrap GitHub SSH configuration

Commands and aliases

  • github-keygen

history

Project history and usage

github-keygen is a small Perl utility by Olivier Mengue for bootstrapping and maintaining OpenSSH configuration for GitHub. It creates a dedicated GitHub SSH key, writes a dedicated SSH config section, and installs GitHub host fingerprints in a separate known-hosts file.

Project history

The repository history begins with an initial release in May 2011. Its author-maintained README frames the tool as a one-shot wizard rather than a long-running daemon or library: users clone it, run it for a GitHub account, inspect the generated SSH configuration, and can remove the tool afterward.

The changelog shows the project tracking practical SSH and GitHub changes over time: stronger cipher choices in the 1.020 series, OpenSSH roaming mitigation in 1.101, generated-config versioning in 1.200, GitHub key comparison in 1.300, larger and then Ed25519 default keys in later releases, and post-quantum key-exchange list updates in 1.401.

Adoption history

Adoption appears niche and security-oriented. The tool serves users who want repeatable GitHub SSH setup, multiple GitHub accounts, per-machine keys, host aliases, strict host checking, and conservative handling of an existing SSH config.

How it is used

Practitioners run github-keygen with a GitHub username to generate or update SSH files under ~/.ssh. The generated setup gives GitHub its own key, known_hosts file, public-key-only authentication, strict host checking, and account-specific host aliases for Git remotes.

The README emphasizes local auditability: the script is readable Perl, writes configuration files rather than a resident service, and can check GitHub public endpoints to verify registered keys unless the offline flag is used.

Why package nerds care

Its package value is in codifying a careful SSH setup that many developers otherwise perform by hand. That makes it a tiny but opinionated tool for users who maintain several GitHub identities or machines and prefer generated config over checklist-driven setup.

Timeline

  • 2011: Initial release appears in the repository history.
  • 2012: v1.000 begins the tagged release stream.
  • 2016: v1.101 adds OpenSSH roaming vulnerability mitigation.
  • 2022: v1.306 changes default key size and removes older GitHub host-key algorithms.
  • 2025: v1.400 switches new keys to Ed25519 by default.

Related projects

  • github-keygen relates to OpenSSH, GitHub SSH authentication, Git for Windows, and GitHub's SSH key-management workflow.

security posture

Risk level: blue

broad file, network, media, or database tool signal.

Risk classifier

blue risk · medium confidence · tool

Why

  • broad file, network, media, or database tool signal

Signals

  • text:ssh

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 1 platform targets.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
~/.ssh/config

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
~/.ssh/id_<github-account>@github

executables

Installed executables

CommandKindExposureNote
github-keygencliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.401
manager updated
local dataok
upstreamcurrent
latest detectedv1.401

https://github.com/dolmen/github-keygen

  • infoNo package-manager update timestamp was available.low confidence

install metadata

Package metadata

Package keybrew:github-keygen
Version1.401
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/github-keygen
Homepagehttps://github.com/dolmen/github-keygen
Repositoryhttps://github.com/dolmen/github-keygen
Upstream docshttps://github.com/dolmen/github-keygen#readme
LicenseGPL-3.0-or-later
Source archivehttps://github.com/dolmen/github-keygen/archive/refs/tags/v1.401.tar.gz
Uses from macOSperl
Bottleavailable (on all)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namegithub-keygen
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • package relationship graph
  • package version freshness
  • package-page enrichment