Ever since Github changed it's policy to not accept username/password anymore, I'm having a difficult time logging in when I push a branch to the remote repo.
I've tried a PKA key, but I forget it sometimes and I have to regenerate. Then I stored it in a plain text file and copy-paste when needed. And this PKA key seems like an API key for one project, instead of a way to log in manually to push changes. This seems to me like not-the-way to go. And I can imagine professionals do this in a better way.
I'm using a Linux machine and git from the terminal. And a Windows 10 machine with Git Bash (Git for Windows). How should I configure my account and computers so that I can easily run git push origin master?
Is it possible to use 2FA in a way where I log in with my account username and password and verify my login with an authenticator app on my phone? And preferably trust my computer from future logins.
It seems like you want to store your credentials globally on your machine. Store your credentials in global git configuration file.
WARNING: Your credentials would be visible to everyone who uses your machine, but the config file is usually hidden /.config.
Store your credentials on your machine globally:
git config --global credential.helper store
Next time you enter your credentials, this will store your credentials. In next consequent times, you won't be prompt to enter credentials anymore.
Related
I initialized a new repository, and pushed my code to GitHub.
After that, I updated my README file and tried to push on GitHub again, but when I did that, it asks me for password, and it didn't asked me for password when I pushed my code to GitHub for first time.
I also tried entering my GitHub account password, it fails.
I also tried use the key which I generated as a password, but still no luck.
Can anyone please guide me how to solve this problem?
This is the error which I am getting after entering the password:
For HTTPS URL, you need to use a PAT (Personal Access Token) with scope repo as a password.
And you need to cache it using a credential helper, like Git Credential Manager (cross platform). Once that helper is installed:
git config credential.helper manager
Should you switch to an SSH URL (git#github.com:<me>/<myRepo>), you need, if you have protected your private SSH key with a passphrase, to auto-launch ssh-agent when you start a new session. See "Working with SSH key passphrases".
My current workflow includes typing the password. Log into a server, pull (or sometimes clone, checkout or even push), type in the creds and leave. I do not want to store my credentials on that machine and I do not always have the chance to access my own password manager on the same machine.
How are we supposed to do this after a password can no longer be used with GitHub on the command line? Should I actually carry a paper slip with an access token? Or am I obliged to configure SSH deploy key for every project on every server? It seems to require logging into github website and it's not like I have a GUI on those machines.
Is there any sane way? How would you do it, if you sit down in front of a linux bash and have to deploy a project on that machine, using that machine?
How you should handle this depends on what your needs are.
If you want to automate a deployment process for a machine, then using a deploy key for that machine is a good idea, since that's the exact purpose for which they're designed. Ideally your deployment processes are automated, and deploy keys are a good way to do that.
If your goal is to log into several machines via SSH and perform Git operations with a remote, you can use an SSH key. If you're logging in via SSH, then add your SSH key to your agent and forward your agent to the remote system with the -A option, which will let you perform the access as if you had that key on the remote system. This is the easiest and simplest solution if you can do so, and is even more convenient than typing your username and password.
If you need to log in to machines at the console, then generate an SSH key, add it to GitHub, and store it on a flash drive, at which point you can mount the flash drive and use the keys with Git by setting the environment variable GIT_SSH_COMMAND to ssh -oIdentitiesOnly=yes -i /mnt/path-to-key (substituting the path to the key).
I received an email from GitHub stating:
You recently used a password to access the repository at username/repo with git using git/2.24.3 (Apple Git-128).
Basic authentication using a password to Git is deprecated and will soon no longer work. Visit https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ for more information around suggested workarounds and removal dates.
So I'll need to use another method for standard command line for git commits pushed to GitHub, which shouldn't be a problem.
But I wonder does this affect deploy keys? For example, in automated processes that have been running for some months or years - should we prepare for changes?
I have checked the blog post, and note that there's still plenty of time (deprecation happens 13 August 2021), but it will be important to understand any affect on deploy keys in order to prepare.
No, deploy keys are unaffected. The only thing that's affected is using a password to authenticate to Git or Git LFS over HTTPS. If you use a personal access token or OAuth token over HTTPS or you use SSH at all (whether with a personal or deploy key), those are unaffected.
The reason for this change is because knowing an account's password allows you to log into that account, change the password, and configure virtually every setting. On the other hand, a token does not allow you to log in via the web interface and is typically restricted to a limited set of scopes, and it is pseudorandomly generated. Similarly, SSH keys are also restricted in their access and are not easily guessable.
As a result, the consequences of accidentally exposing your authentication credentials are lower and the set of credentials you replace it with is unlikely to be guessable from the old exposure.
You can change from https:// remote urls to git# urls (e.g. ssh)
git remote -v # check that your remote (e.g. origin) is using https://
git remote rm origin
git remote add origin git#github.com:ORGANIZATION_OR_USER/REPO_NAME.git
git fetch --all
git branch -u origin/master master
And then you can test it:
git pull
git commit --allow-empty -m "nothing"
git push
So I have a personal and a work's Github account.
After some trial and error I found that the password to Github is stored in the macOS keychain.
That's annoying cause I can't define which account to associate the repo with even though I'd configured my user in ./git/config for that repo.
And the reason it seems is that git will start searching for the global config first. So I removed the global config and keychain and pushed again.
It prompts me for the username password the first time, but stores that into the keychain again and uses that as the default user, not respecting the user I set in ./git/config.
My ideal setup is to have the default user as my personal account and to have the work's account for specific work related repos. How do I do that?
I think the keychain is a bottleneck since it seems to be the first place git is using as authentication.
I found the answer, here
git config credential.username 'your username'
This causes the cli to prompt for a password for that user and it will store that as another entry in the keychain. Will still have to configure git users with git config user.name etc so it knows which user to use.
We recently moved our github from one account owner to another, and now all of the sudden when I do a git pull or any git command on the remote repo, it asks me for github username and password.
My git-config says:
[github]
user = kamilski81
token = *********
Any idea how I can stop it asking me for credentials and remember everything, does the new owner have to setup my ssh keys or something of that sort?
Following this article sorted it out for me:
https://help.github.com/articles/why-is-git-always-asking-for-my-password
git remote set-url origin git#github.com:user/repo.git
The github username and token in the gitconfig is only used for interactions with the GitHub API (for instance the hub gem and the github tool).
If you are pushing and pulling from a GitHub repository over https, then you need to specify your credentials every time, or hook into a password manager to remember the credentials for you. How to do this depends on your platform.
The easiest thing to do is to go to your github account and submit your SSH public key to your account, and then switch your github remote to push/pull over ssh instead of https.
[edit] After re-reading the question I noticed that you mentioned it was previously a GitHub repo that was just moved from one owner to another. If that's the case, and you ARE able to push and pull by specifying your credentials, it sounds to me to be one of two scenarios:
The previous remote used ssh, and GitHub has your SSH key; but when the owner changed and you updated the remote, you updated it to go over https.
The previous remote used https, but you had a password manager setup correctly to deal with your credentials, which no longer works.
After doing "remote -v"....the issue was that my remote was using an "https" remote rather than "git" remote. Changing the remote to use git rather than https solved everything.
If you execute only once git pull and Git client still asking you the credential without do the git pull for you, the problem should be because your credential is incorrect or not setup yet.
but if you get the dialog ask for credential one for each operation, it mean that your credential isn't remembered. To do that, you may use Pageant to store your SSH private key, so, everytime you do something, it will retrieve your credential from Pageant instead to asking you.