In this article I’ll show how you can avoid entering your Git username and password for every push.
I’ll show three methods: Git SSH authorization, Git credentials caching, and Git credentials saving using credential.helper.
Recommended and Secure Method: Setup Git SSH Keys authentication
Create an ssh Github key. Go to github.com -> Settings -> SSH and GPG keys -> New SSH Key. Now save your private key to your computer.
Then, if the private key is saved as id_rsa in the ~/.ssh/ directory, we add it for authentication as such:
1 2 |
ssh-add -K ~/.ssh/id_rsa |
Even More Secure Method: Git Credentials Caching
We can use git-credential-store
to cache our username and password for a time period. Simply enter the following in your CLI (terminal or command prompt):
1 |
git config --global credential.helper cache |
You can also set the timeout period (in seconds) as such:
1 |
git config --global credential.helper 'cache --timeout=3600' |
Less Secure Method: Saving Git Password In A git-credentials File
To save username and password in Git you can use credential.helper
.
Run
1 |
git config --global credential.helper store |
then
1 |
git pull |
provide a username and password and those details will then be remembered later. The credentials are stored in a file on the disk, with the disk permissions of “just user readable/writable” but still in plaintext.
Attention: This method saves the credentials in plaintext on your PC’s disk. Everyone on your computer can access it, e.g. malicious NPM modules.
If you want to change the password later
1 |
git pull |
Will fail, because the password is incorrect, git then removes the offending user+password from the ~/.git-credentials
file, so now re-run
1 |
git pull |
to provide a new password so it works as earlier.