This content originally appeared on DEV Community and was authored by Michelle Mannering

Have you been using Git on the command line? Notice how you have to always type in your password? Not only is this SUPER annoying, it also presents a security issue. Here's a bunch of ways to authenticate Git so you don't have to type a password with every action. It will also keep your code more safe and secure.

If you're using Git and GitHub then there are a few ways to authenticate to ensure your code is secure.

SSH keys

If you work in tech, you've probably heard the term SSH keys. The term often comes up when you're trying to login or use a cloud service outside a web browser. It's also a term associated with connecting from one machine to another.

SSH or Secure Shell keys is the name of the key (or protocol) used when you need to authenticate in order to use a provider. Using SSH protocol makes a network much more secure. Someone can't just login remotely from one system into another. Instead, the encryption is used to manage this login and therefore secure your login details.

There are lots of different types of SSH keys. If you're on Windows, a lot of SSH credentials are done for you. If you're using macOS, you can generate SSH keys in order to authenticate your GitHub account. Check out the GitHub Docs for how to manually generate keys.

Personal Access Tokens

You don't just have to use the terminal in order to generate keys. If the command line isn't your cup of tea, then you can generate keys from the GitHub web:

Go to GitHub.com
Select "Settings"
Scroll down and select "Developer Settings" from the left
Select "Personal Access Tokens" from the left
Create your Token

In these settings you can generate and manage tokens.

OAuth Applications

There's also a way for you to track which applications have access to your GitHub account:

Go to GitHub.com
Select "Settings"
Scroll down to "Applications"
Click "Authorized OAuth Apps"

Now you can see which applications have access to your GitHub account and revoke any if necessary.

Note, this isn't the same place as your Developer Settings OAuth Apps. If you are creating applications and you want to enable GitHub authentication, then check out the GitHub Docs on creating and authorising OAuth apps.

Credential Manager

Unless you're a Windows user (? there) you would have noticed you need to enter your password with every Git operation. When you install Git on Windows, a credential manager is automatically installed on your computer. This means you only need to log into your account once and then you are authenticated.

We can replicate this on macOS and Linux as well. Using a client manager such as Git Credential Manager Core (GCM Core) is one way to do single-factor authentication on macOS and Linux. The Linux version of this is still in preview, but you can try it out now.

microsoft / Git-Credential-Manager-Core

Secure, cross-platform Git credential storage with authentication to GitHub, Azure Repos, and other popular Git hosting services.

Git Credential Manager Core

Git Credential Manager Core (GCM Core) is a secure Git credential helper built on .NET that runs on Windows and macOS. Linux support is in an early preview.

Compared to Git's built-in credential helpers (Windows: wincred, macOS: osxkeychain, Linux: gnome-keyring) which provides single-factor authentication support working on any HTTP-enabled Git repository, GCM Core provides multi-factor authentication support for Azure DevOps, Azure DevOps Server (formerly Team Foundation Server), GitHub, and Bitbucket.

Git Credential Manager Core (GCM Core) replaces the .NET Framework-based Git Credential Manager for Windows (GCM), and the Java-based Git Credential Manager for Mac and Linux (Java GCM), providing a consistent authentication experience across all platforms.

Current status

Git Credential Manager Core is currently available for macOS and Windows, with Linux support in preview. If the Linux version of GCM Core is insufficient then SSH still remains an option:

View on GitHub

If you want to try a few things other than the Git command line or webpage, there are a few options.

Authenticate with GitHub Desktop

After GitHub Desktop was launched a couple of years ago, this application has been a great way to use GitHub. Not only can you can you manage your repos, but it's a great way to authenticate and manage your account.

Download GitHub Desktop and log into your account. This will open a browser window so you can authenticate. There's also a light and dark mode!

In a similar way you can also authenticate various applications such as editors like VS Code or Atom or other git clients like Git Kraken. Don't forget you can go into OAuth settings to see which applications you've given access to GitHub.

GitHub CLI

Yes it's still the command line, but GitHub has its own CLI. You can download it then use gh auth login and follow the steps. This will allow access to your GitHub account and you can continue using the command line as normal. You can even use gh auth login --with-token to use a personal token.

The CLI is available on Windows, macOS, and Linux. It's completely free and it's open source so you can even contribute to it.

Using physical security keys

Lately, physical security keys, such as a YubiKey, have been very popular. They are a great way to secure and can't be replicated.

YubiKeys are also really easy to setup:

Go to GitHub.com
Click "Account Security"
Scroll down to "Security keys" and click "edit"
Select "Register new security key" and follow the prompts

If you decide to setup a security key, you'll need to save your recovery codes in a secure location. If you have 2FA or security keys for your account, recovery codes are the only way to access your account if you lose your YubiKey or can't use your 2FA.

YubiKeys are also really great because they can be used on desktops, laptops, and mobile phones. There's a bunch of different types from Lighting, to USB-A, USB-C, and even NFC. Read more about security keys on the GitHub Docs

Up your security and save time

Hopefully that gives you some ideas on how to take your security to the next level AND save time by not typing in your password with every Git command. If you want to read more about security keys or SSH keys, check out the GitHub blog.

I'm curious to know what everyone's preferred method of authentication is. Let me know below.

This content originally appeared on DEV Community and was authored by Michelle Mannering

Print Share Comment Cite Upload Translate Updates

APA

Michelle Mannering | Sciencx (2021-06-03T06:54:01+00:00) How to never type passwords when using Git. Retrieved from https://www.scien.cx/2021/06/03/how-to-never-type-passwords-when-using-git/

MLA

" » How to never type passwords when using Git." Michelle Mannering | Sciencx - Thursday June 3, 2021, https://www.scien.cx/2021/06/03/how-to-never-type-passwords-when-using-git/

HARVARD

Michelle Mannering | Sciencx Thursday June 3, 2021 » How to never type passwords when using Git., viewed ,<https://www.scien.cx/2021/06/03/how-to-never-type-passwords-when-using-git/>

VANCOUVER

Michelle Mannering | Sciencx - » How to never type passwords when using Git. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2021/06/03/how-to-never-type-passwords-when-using-git/

CHICAGO

" » How to never type passwords when using Git." Michelle Mannering | Sciencx - Accessed . https://www.scien.cx/2021/06/03/how-to-never-type-passwords-when-using-git/

IEEE

" » How to never type passwords when using Git." Michelle Mannering | Sciencx [Online]. Available: https://www.scien.cx/2021/06/03/how-to-never-type-passwords-when-using-git/. [Accessed: ]

rf:citation

» How to never type passwords when using Git | Michelle Mannering | Sciencx | https://www.scien.cx/2021/06/03/how-to-never-type-passwords-when-using-git/ |

Please log in to upload a file.

There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.