Repetition of the same task is boring and painful for programmers like us. Isn’t it?
One of such tasks is interactive with GitHub’s private repository. What’s about it? You know what it is. And you are searching for ways to resolve it and landed on this article. You will stop searching after reading this article.
So, here we are going to talk about accessing GitHub private repository without a password. Without further ado, let’s get started.
There are two ways to access any GitHub repository. They are HTTPS and SSH. Most of you are using HTTPS. But, now you come to know that it’s not an efficient way to use the HTTPS method for cloning the private repositories.
Accessing includes cloning, pushing, pulling, etc..; anything that’s related to updating our repository in the remote.
There is no problem when it comes to accessing the public repositories. But, we need to authenticate ourselves while accessing a private repository. There are different ways to authenticate ourselves.
Let’s start with the most familiar one…
If using HTTPS
You should probably know about the HTTPS method and looking for others. Let’s quickly see how to access a private repository using it.
- Copy your private repository link.
- Open the terminal or cmd in your machine.
- Paste the command
git clone link
to clone the private repository. - Replace the link with your private repository link.
- It’ll ask us to authenticate ourselves. So, we have to enter our GitHub credentials.
- First, it’ll ask us to enter our GitHub username. Enter your GitHub username and hit
Enter
.
- Now, we need to enter the password. Type your GitHub password and hit
Enter
.
That’s it; we have cloned the private repository using the HTTPS method. Now, update something in the repository, commit and push them to remote.
What did you notice?
It’s again asking for the authentication.
Isn’t it a boring and heavy task to enter credentials every time we interact with the private repository?
Yeah, it is.
We can’t enter our GitHub credentials whenever we interact with our private repository. It’s a time-taking process and slows down our work.
There are different ways to get rid of the above problem. The best way to do it is to use SSH. But, there are other ways to do it. Let’s look at all of them one by one.
.git config
All the information about our repositories versions is stored in .git
directory. It’s a hidden folder. There is a config
file in it that allows us to configure the settings. But, it’s not recommended in general.
We can clone a private repository by adding our username and password in the repository URL as follows.
git clone https://<strong>username:password</strong>@github.com/<strong>username</strong>/<strong>repository_name</strong>.git
Update the username, password, and repository_name with appropriate details. Since we have given our credentials in the URL, it won’t ask for authentication as we have seen before.
So, we are going to follow the above method of authentication and update our repository configuration accordingly. Let’s see the steps to get rid of repetitive authentication by updating the URL.
- Open the
.git
folder in your cloned repository.
- You’ll find a file with the name config. Open it using any text editor of your choice.
- There will be a line with our repository link as follows.
- Update the URL by adding your username and password, as seen above.
Now, again update something in the repository, commit and push them.
Do you observe anything?
It shouldn’t have asked for your GitHub credentials this time. So, we have solved our problem by updating our repository setting.
You might have noticed that it’s not secure. As we are exposing our credentials. And this method won’t work in case your GitHub password contains @
character.
So, there are some critical disadvantages of using this method. Hence let’s ignore it and move to the next method.
credential.helper
The credential.helper
allows us to store the credentials forever in ~/.git-credentials
file.
It will store our credentials when we enter them for the first time. Again when we try to access the private repository, it won’t ask for credentials until it’s stored in ~/git-credentials
file. So, that’s one of the ways to avoid our problem. Let’s see it in action with precise steps.
- First, we need to activate the option to store our credentials with the command
git config credential.helper store
. - After activating the option, try to access the private repository with your username and password.
- Once you have entered your username and password, it will store it in
~/.git-credentials
file with your GitHub credentials as follows.
Now, again the same process to check whether it’s working correctly or not. Update, commit and push. I am sure it won’t ask you for the credentials if you have followed the above steps to store your credentials.
Going fine…
What if you want to save the credentials for 4 hours instead of forever?
The credential.helper
provides a way to store our credentials temporarily for a certain amount of time. We use cache
instead of store
to store the credentials for a certain amount of time.
The cache
will store our credentials for 15 minutes by default. After 15 minutes, the git will again ask for credentials. But, we can change the default time using the following command.
git config credential.helper 'cache --timeout={time_in_seconds}'
Don’t forget to give the time in seconds. Let’s see it in action.
- First, we need to activate the option to cache our credentials with the command
git config credential.helper cache
. - Access the private repository with your username and password.
- Once you have entered your username and password, it will cache your GitHub credentials for a specified time.
Now, update, commit and push. Again it won’t ask for your credentials as we have said it to cache them.
We have shown you the commands to work a git initialized repository. We can update the git
configuration globally for all projects by adding the --global
flag in the above commands.
Personal Access Tokens
The personal access tokens are used to give access to the GitHub API. The personal access tokens are like OAuth tokens. So, they can be used for basic authentication instead of a password for git
. Hence, we can use the personal access tokens to resolve our problem.
Let’s see how to do it.
- Log in to your GitHub account.
- Go to the Settings.
- Now, go to the Develop settings from the left navbar.
- Click on the Personal access tokens to reach our final destination. You will see the personal access tokens as follows.
- Click on the Generate new token to generate a new one.
- Enter the Note for the token. You can think of it as short notes for the token to remember.
- Select the permissions for the token. The programs using the token will grant access to all the selected permissions. In our case, select the repo.
- Scroll down to the bottom and click Generate token button.
- It’ll show the personal access token only once as follows. We can’t see our personal token again. So, copy it and save it somewhere securely. Use a password manager if you need to.
- We have successfully created the Personal access token.
- Now, it’s time to use it to access our private repository.
- Update the repository URL in
.git/config
file ashttps://{personal_access_token}@github.com/hafeezulkareem/private_repository.git
similar to the first method.
Now, try to access the private repository.
Did it ask you for the authentication?
No, it won’t ask you for the authentication until the token is active. Let’s move to the last way to resolve our problem.
SSH
SSH is used to authenticate ourselves. You find the full document about SSH in GitHub here.
The idea is simple. Generate an SSH key, add it to the GitHub account and enjoy passwordless authentication.
Let’s see these three steps in detail.
- Open terminal or cmd in your system.
- Enter the command
ssh-keygen -t rsa
to generate a new SSH key. - It will ask for the directory to save the key. Press
Enter
to select the default directory. But, you may also change the directory based on your preference. Here, we are going with the default directory.
- Now, we have to enter the passphrase to protect our SSH key. But it’s optional.
- If we choose a passphrase for the SSH key, we must enter it first whenever we power on our system.
- If we didn’t choose the passphrase, then there is no need to enter it first.
- Enter the passphrase again to confirm it.
- Finally, it will generate a new SSH key for us as follows.
We have successfully generated a new SSH key in our systems. It’ll create two files as follows (if you have changed the path, then the file names may vary).
Now, it’s time to connect with our GitHub account. The contents in the file with the extension .pub
need to be copied to our GitHub account for the connection. In my case, it’s id_rsa.pub
.
- Log in to your GitHub account.
- Open the Settings.
- Click on SSH and GPG Keys to reach our final destination.
- Click on the New SSH Key to add our newly generate SSH key.
- You will navigate to the following screen.
- Add the appropriate title for the SSH key. The SSH keys are different for each system. So, choose based on it is one of the good options. But, it’s not the only option. You may choose based on other things as your preference.
- After choosing the title, copy and paste the .pub contents into the second field.
- Finally, hit the Add SSH key and confirm the access with your GitHub password.
- The newly added SSH key will look as follows.
We have added our newly generated SSH key to GitHub. Now, we have to authenticate the SSH connection to enjoy passwordless authentication later. To do it, enter the following command in terminal or cmd.
ssh -T git@github.com
It will ask for confirmation. Confirm it. And that’s it, and we are done.
Now, clone your private repository. It won’t ask for any authentication this time.
Update, commit and push. There you go. It won’t ask you for the authentication anymore. Enjoy it.
Conclusion
Phew! we have covered various methods to access private repositories without entering credentials all the time. You may use any method. But, the general and best practice is to use the SSH method for authentication.
Again it’s up to your preference; there’s no strict rule to use the only SSH method. But, most businesses use the SSH method for authentication, which is secure and saves a lot of time. And make sure your credentials are safe.
Happy Developing 🙂