I think for clone a private repo, we need to verify the computer is trusted. But for a public repo, not sure why git is designed to ask for ssh key for a machine if the ssh key is not added in Settings of github?

If you connect via SSH, Git (actually the SSH agent used by Git) will always require authentication in form of a private key. This is because the SSH protocol actually does not care whether you're accessing a public or private repository.

You can easily determine the protocol that's used for cloning by looking at the remote URL. SSH urls look like this:

1. ssh://git@github.com/<user>/<repo>.git
2. git@github.com:<user>/<repo>.git

However, on GitHub you can always clone public repositories using the git:// protocol instead of ssh://, which does not require authentication:

git clone git://github.com/<user>/<repo>.git

Alternatively, use HTTPS, which will (if memory serves) require authentication only for private repositories:

git clone https://github.com/<user>/<repo>.git

Git will need a ssh key only if you are using ssh protocol - there doesn't exist such a thing as anonymous ssh, ssh needs a key (an account) to work.

If you use git or https protocol, no ssh key is needed. If you don't want to use accounts / authentication, git protocol might be your best bet.

(More information on git protocols)