Advertisement
Advertisement


Git push requires username and password


Question

I cloned a Git repository from my GitHub account to my PC.

I want to work with both my PC and laptop, but with one GitHub account.

When I try to push to or pull from GitHub using my PC, it requires a username and password, but not when I'm using the laptop!

I don't want to type my username and password every time I interact with origin. What am I missing here?

2020/01/24
1
1480
1/24/2020 6:21:48 AM

Accepted Answer

A common cause is cloning using the default (HTTPS) instead of SSH. You can correct this by going to your repository, clicking "Clone or download", then clicking the "Use SSH" button above the URL field and updating the URL of your origin remote like this:

git remote set-url origin [email protected]:username/repo.git

This is documented at GitHub: Switching remote URLs from HTTPS to SSH.

2020/03/12
2010
3/12/2020 8:55:21 PM

Permanently authenticating with Git repositories

Run the following command to enable credential caching:

$ git config credential.helper store
$ git push https://github.com/owner/repo.git

Username for 'https://github.com': <USERNAME>
Password for 'https://[email protected]': <PASSWORD>

You should also specify caching expire,

git config --global credential.helper 'cache --timeout 7200'

After enabling credential caching, it will be cached for 7200 seconds (2 hour).

2020/06/20

I just came across the same problem, and the simplest solution I found was to use SSH URL instead of HTTPS one:

ssh://[email protected]/username/repo.git

And not this:

https://github.com/username/repo.git

You can now validate with just the SSH key instead of the username and password.

2019/06/17

Apart from changing to SSH you can also keep using HTTPS, if you don't mind to put your password in clear text. Put this in your ~/.netrc and it won't ask for your username/password (at least on Linux and Mac):

machine github.com
       login <user>
       password <password>

Addition (see VonC's second comment): on Windows the file name is %HOME%\_netrc.

Also read VonC's first comment in case you want to encrypt.

Another addition (see user137717's comment) which you can use if you have Git 1.7.10 or newer.

Cache your GitHub password in Git using a credential helper:

If you're cloning GitHub repositories using HTTPS, you can use a credential helper to tell Git to remember your GitHub username and password every time it talks to GitHub.

This also works on Linux, Mac, and Windows.

2019/06/17

For the uninitiated who are confused by the previous answers, you can do:

git remote -v

Which will respond with something like

origin    https://[email protected]/yourname/yourrepo.git (fetch)
origin    https://[email protected]/yourname/yourrepo.git (push)

Then you can run the command many other have suggested, but now you know yourname and yourrepo from above, so you can just cut and paste yourname/yourrepo.git from the above into:

git remote set-url origin [email protected]:yourname/yourrepo.git
2019/06/17

If you're using SSH and your private key is encrypted with a passphrase, then you'll still be prompted to enter the passphrase/password for the private key when you do network operations with Git like push, pull, and fetch.

Use ssh-agent to save the private key passphrase/password credentials

If you want to avoid having to enter your passphrase every time, you can use ssh-agent to store your private key passphrase credentials once per terminal session, as I explain in my answer to Could not open a connection to your authentication agent:

$ eval `ssh-agent -s`
$ ssh-add

In a Windows msysgit Bash, you need to evaluate the output of ssh-agent, but I'm not sure if you need to do the same in other development environments and operating systems.

ssh-add looks for a private key in your home .ssh folder called id_rsa, which is the default name, but you can pass a filepath to a key with a different name.

Killing the agent

When you're done with your terminal session, you can shutdown ssh-agent with the kill flag -k:

$ ssh-agent -k

As explained in the ssh-agent manual:

-k

Kill the current agent (given by the SSH_AGENT_PID environment variable).

Optional timeout

Also, it can take an optional timeout parameter like so:

$ ssh-add -t <timeout>

where <timeout> is of the format <n>h for <n> hours, <n>m for <n> minutes, and so on.

According to the ssh-agent manual:

-t life

Set a default value for the maximum lifetime of identities added to the agent. The lifetime may be specified in seconds or in a time format specified in sshd_config(5). A lifetime specified for an identity with ssh-add(1) overrides this value. Without this option the default maximum lifetime is forever.

See this page for more time formats.

Security warning for Cygwin users

Cygwin users should be aware of a potential security risk with using ssh-agent in Cygwin:

people should be cognizant of the potential dangers of ssh-agent under Cygwin 1, though under a local netstat and remote portscan it does not appear that the port specified in /tmp/ssh-foo is accessible to anyone ...?

[1]: http://www.cygwin.com/ml/cygwin/2001-01/msg00063.html

And at the cited link:

however, note that Cygwin's Unix domain sockets are FUNDAMENTALLY INSECURE and so I strongly DISCOURAGE usage of ssh-agent under Cygwin.

when you run ssh-agent under Cygwin it creates AF_UNIX socket in /tmp/ssh-$USERNAME/ directory. Under Cygwin AF_UNIX sockets are emulated via AF_INET sockets. You can easily see that if you'll look into /tmp/ssh-$USERNAME/agent-socket-* file via Notepad. You'll see something like

!<socket >2080

then run netstat -a and surprise! You have some program listening to port 2080. It's ssh-agent. When ssh receives an RSA challenge from the server, it refers to corresponding /tmp/ssh-$USERNAME/agent-socket-* (under Cygwin, in our case, that means it'll open connection to localhost:2080) and asks ssh-agent to process the RSA challenge with the private key it has, and then it simply passes the response received from the ssh-agent to the server.

Under Unix, such a scenario works without problems, because the Unix kernel checks permissions when the program tries to access an AF_UNIX socket. For AF_INET sockets, however, connections are anonymous (read "insecure"). Imagine, that you have the Cygwin ssh-agent running. A malicious hacker may portscan your box, locate open port used by ssh-agent, open a connection to your SSH server, receive the RSA challenge from it, send it to your ssh-agent via an open port he/she found, receive the RSA response, send it to the SSH server and voila, he/she successfully logged in to your server as you.

2019/06/17

Source: https://stackoverflow.com/questions/6565357
Licensed under: CC-BY-SA with attribution
Not affiliated with: Stack Overflow
Email: [email protected]