What are unauthenticated and authenticated requests in github? - github

I am running a script which clones multiple repositories in my GitHub project organization. After running the script twice or thrice, I get an 128 error
git -c core.fsyncobjectfiles=0 ls-remote ssh://git#github.com/project-xyz/abc.git failed with exit code 128
and this works again after some time. I am guessing that this is a rate limiting issue.
Github page says ratelimit for unauthenticated requests is 60 per hour and I guess I am hitting that by running my script multiple times. My ssh key is added to Github.
I was under the assumption that cloning git repos using ssh are considered authenticated requests. My error leads me to believe that those are treated as unauthenticated requests.
I want to know what are differences between authenticated and unauthenticated requests in GitHub?

First, check the SSH access with:
ssh -Tv git#github.com
And fix the URL: it should be
ssh://git#github.com/project-xyz/abc.git
# not
ssh://git#wwwgithub.com/project-xyz/abc.git
Second, the rate limiting is for API calls (Example: curl -i https://api.github.com/users/octocat)
I suppose any kind of direct Git call to GitHub would be limited, authenticated or not.

Related

Basic authentication with GitHub API X-Rate-Limit

I'm practicing with GitHub API using curl.
I've authenticated my request about my own repos, and the GitHub guides suggest the x-rate-limit (cap on requests per hour) should go up to 5000.
This did indeed happen on first request.
I entered
curl -i -u Vanilla https://api.github.com/users/Vanilla
Then got prompt for password and entered my PAT.
Header info showed x-rate-limit of 5000.
Since then I exported my PAT to a variable and called
curl -i -u Vanilla:$var https://api.github.com/users/Vanilla
This returned x-rate-limit as 50.
Now, even if I use the previous format of just username and enter PAT when prompted, x-rate-limit still capped at 50.
I'm confused as to why.
Any help much appreciated.
Thanks

Does deprecation of basic password authentication affect GitHub deploy keys?

I received an email from GitHub stating:
You recently used a password to access the repository at username/repo with git using git/2.24.3 (Apple Git-128).
Basic authentication using a password to Git is deprecated and will soon no longer work. Visit https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ for more information around suggested workarounds and removal dates.
So I'll need to use another method for standard command line for git commits pushed to GitHub, which shouldn't be a problem.
But I wonder does this affect deploy keys? For example, in automated processes that have been running for some months or years - should we prepare for changes?
I have checked the blog post, and note that there's still plenty of time (deprecation happens 13 August 2021), but it will be important to understand any affect on deploy keys in order to prepare.
No, deploy keys are unaffected. The only thing that's affected is using a password to authenticate to Git or Git LFS over HTTPS. If you use a personal access token or OAuth token over HTTPS or you use SSH at all (whether with a personal or deploy key), those are unaffected.
The reason for this change is because knowing an account's password allows you to log into that account, change the password, and configure virtually every setting. On the other hand, a token does not allow you to log in via the web interface and is typically restricted to a limited set of scopes, and it is pseudorandomly generated. Similarly, SSH keys are also restricted in their access and are not easily guessable.
As a result, the consequences of accidentally exposing your authentication credentials are lower and the set of credentials you replace it with is unlikely to be guessable from the old exposure.
You can change from https:// remote urls to git# urls (e.g. ssh)
git remote -v # check that your remote (e.g. origin) is using https://
git remote rm origin
git remote add origin git#github.com:ORGANIZATION_OR_USER/REPO_NAME.git
git fetch --all
git branch -u origin/master master
And then you can test it:
git pull
git commit --allow-empty -m "nothing"
git push

Github can't sync

I'm using a github Mac client to manage my repo and for sent pull requests to the repo I forked. In the last few days, I can't send pull requests, I only recieve this error:
error: The requested URL returned error: 403 while accessing
https://github.com/pyrocms/pyrocms.git/info/refs
fatal: HTTP request failed
I have also tried to set SSH instead of HTTPS, but doing this, the Mac client can't contact the server... How can I fix this?
This is the project I need.
I need to update my git version.
Thanks to all!

Why does github keep asking me for repo credentials?

We recently moved our github from one account owner to another, and now all of the sudden when I do a git pull or any git command on the remote repo, it asks me for github username and password.
My git-config says:
[github]
user = kamilski81
token = *********
Any idea how I can stop it asking me for credentials and remember everything, does the new owner have to setup my ssh keys or something of that sort?
Following this article sorted it out for me:
https://help.github.com/articles/why-is-git-always-asking-for-my-password
git remote set-url origin git#github.com:user/repo.git
The github username and token in the gitconfig is only used for interactions with the GitHub API (for instance the hub gem and the github tool).
If you are pushing and pulling from a GitHub repository over https, then you need to specify your credentials every time, or hook into a password manager to remember the credentials for you. How to do this depends on your platform.
The easiest thing to do is to go to your github account and submit your SSH public key to your account, and then switch your github remote to push/pull over ssh instead of https.
[edit] After re-reading the question I noticed that you mentioned it was previously a GitHub repo that was just moved from one owner to another. If that's the case, and you ARE able to push and pull by specifying your credentials, it sounds to me to be one of two scenarios:
The previous remote used ssh, and GitHub has your SSH key; but when the owner changed and you updated the remote, you updated it to go over https.
The previous remote used https, but you had a password manager setup correctly to deal with your credentials, which no longer works.
After doing "remote -v"....the issue was that my remote was using an "https" remote rather than "git" remote. Changing the remote to use git rather than https solved everything.
If you execute only once git pull and Git client still asking you the credential without do the git pull for you, the problem should be because your credential is incorrect or not setup yet.
but if you get the dialog ask for credential one for each operation, it mean that your credential isn't remembered. To do that, you may use Pageant to store your SSH private key, so, everytime you do something, it will retrieve your credential from Pageant instead to asking you.

What to do about "PTY allocation request failed on channel 0"

I can't see to wrap my head creating an ssh key for GitHub. I had it working quite awhile back but I can't figure out what has changed. I've since removed the previous SSH keys from my GitHub account. After following the instructions several times for generating an SSH key (http://help.github.com/mac-key-setup) and testing "ssh git#github.com" I get the following;
PTY allocation request failed on
channel 0 ERROR: Hi...successfully
authenticated...GitHub does not
provide shell access...Connection to
github.com closed.
I reviewed the troubleshooting guide and noticed that my ssh directory didn't have a config file. After creating it I'm unsure of what or how to enter the local path on the IdentityFile line. I'm not even sure whether this is necessary in my case?
If your github authentication
information is different from your
machine account information, you’ll
need to modify your ssh configuration
file.
Create or open the file at
~/.ssh/config Add the following lines:
Host github.com
User git
Hostname github.com
PreferredAuthentications publickey
IdentityFile [local path to private key half of github public key you provided]
You may also need to update the
permissions on your .ssh folder and
its contents. The SSH application will
ignore secret files that are too
permissive.
$ chmod 700 ~/.ssh
$ chmod 600 ~/.ssh/*
I also ran ssh -v git#github.com the results of which can be seen here http://gist.github.com/607283 nothing different from what I can tell.
Any idea what I'm doing wrong?
As described in the comments on the question, the “PTY allocation request failed” is a red herring with respect to GitHub authentication (it is the result of trying to interactively login to GitHub when the only SSH service they offer is non-interactive Git-over-SSH; the authentication is working, they just do not provide interactive, “shell” service).
The person who asked the question wrote this in a comment:
I guess the related problem is that when I try to create a new repository and "git push origin master" I return the following "Error: Permission to myemail#address.com/myapp denied to myusername. Fatal: the remote end hung up unexpectedly"
This seems more likely to be the actual problem. This seems to indicate that the remote named origin not configured to correctly point to a GitHub repository.
Check the output of git remote show -n origin. Probably the “Fetch URL” and the “Push URL” are the same. They should both look like this:
git#github.com:git-user-name/repository-name
When logging into GitHub on the web you can use either your account’s username or its associated email address. When pushing to repositories (or fetching from private repositories) you have to use your actual username (an email address will not work). It looks you are using your email address in there instead of just your GitHub username. To fix this, reconfigure the remote’s URL:
git remote set-url origin git#github.com:github-username/repository-name
Your username is displayed in many places on the GitHub web pages once you are logged in. The easiest place to find it is between your gravatar and the “Dashboard” link on the page header (you will see a silhouette icon if you do not have a gravatar configured). That same location links to your public profile page; this page’s URL should also end in your username.