Read Only access to GitHub repo via SSH key

Deploy Keys to the rescue

A deploy key is an SSH key that :

  • is stored on your server and grants access to a single GitHub repository.
  • Often used to clone repositories during deploys or continuous integration runs.
  • Deploys sometimes involve merging branches and pushing code, so deploy keys have always allowed both read and write access.
  • But Because write access is undesirable in many cases, you can have the ability to create deploy keys with read-only access.
  • New deploy keys created through will be read-only by default and can be given write access by selecting Allow write access during creation.

Creating Read only deploy key

  1. Go to Settings tab inside the repository you want to give read only permission.
  2. On the left side navigation bar Select Deploy Keys

Github Deploy Keys

  1. Click Add Deploy Key .
  2. Give it a title whatever you want and Add the ssh key.
  3. Make sure that box Allow write access is unchecked.
  4. You're done !

To know more about Deploy keys, read at Github Developer. Also refer to this beautiful gist by zhujunsan on Github.

Feel free to add-in more details.

Github organizations can "sort of" support this work-flow:

  • Create an organization
  • Create a dummy account which will be used for readonly access
  • Add the dummy account to the organization with read-only permissions
  • Add whatever SSH keys you want to have on the read-only account
  • Use your normal account(s) to allow writing