Push to GitHub Repository without Personal Access Token when 2FA is enabled

Asked 1/4, 2019 at 5:12 Answered 1/3 at 21:41

I set up 2 Factor Authentication on GitHub a while back. So, once I was working in the command line and wanted to push to my repo. I entered my username and password but it failed by giving an error like this

USERNAME@MYCOMPUTER:~/MyRepo$ git push
Username for 'https://github.com': GitHubUsername
Password for 'https://[email protected]': GitHubPassword 
remote: Invalid username or password.
fatal: Authentication failed for ' 
https://github.com/GitHubUsername/MyRepo/'

So, I read this post and got the solution that I have to generate a Personal Access Token to push anything. Fine, but I think this is a little tough process because First I can't remember that massive Token and Second Storing an access key in a text file is not a safe thing to do.

So, it'll be very nice if someone can give an easy solution to push to my repo without disabling 2FA. - Thanks!

Ordinary answered 1/4, 2019 at 5:12 Comment(14)

You just need to add it once only then it after you don't need to remember token again. Check this out : help.github.com/en/articles/… – Zwinglian 1/4, 2019 at 5:16

Thanks, @MayankDudakiya but SSOs are for organizations. – Ordinary 1/4, 2019 at 5:23

I don't think so there is another way to do this. You have to add access token in order to use GitHub. You just need to do it only once. – Zwinglian 1/4, 2019 at 5:39

@MayankDudakiya My problem is not about Access Token but to store the Access Token. I use RSA Encryption with Python but it's just too inconvenient. – Ordinary 1/4, 2019 at 5:42

You can store your access token very safely. You can use encryption to store your access token then at the time of use decrypt. Make default encrypted access token with any prefer method and then decrypt it and use it . There are many ways you can also create api to get your access token. – Zwinglian 1/4, 2019 at 5:51

I have used GitHub API in one of my project so I first encrypted my access token by adding symbols, latter & number myself then I replace that all symbols, latter & number at the time of use. – Zwinglian 1/4, 2019 at 5:59

I use cryptography.fernet module in Python to make thing easier. – Ordinary 1/4, 2019 at 6:4

You can let git store the auth for you, see https://mcmap.net/q/20179/-how-can-i-save-username-and-password-in-git - this will however also only store it somewhere on your disk. Alternatively you could store your SSH public key to GitHub and access using SSH instead of HTTPS. – Surber 1/4, 2019 at 6:8

Don't use token directly into the application for encrypt and decrypt. You should manually encrypt it first then you can use it in application. To manually encrypt add some symbols, latter and numbers then you can remove it or replace using method to use in application. – Zwinglian 1/4, 2019 at 6:9

Any reason you are not using ssh url's with GitHub? – Airlike 1/4, 2019 at 6:12

If you setup ssh url's, you get an password protected public & private key file on your disk, that git will use that file for authentication, instead of your GitHub access token – Airlike 1/4, 2019 at 6:20

@Ferrybig, That's my answer!! – Ordinary 1/4, 2019 at 6:55

@KarthikSrivijay If you already have saved the id_rsa.pub to the Github account, then use can clone using SSH URL of the repo(If you don't have any changes in the local server) [email protected]:URL-of-Repo in place of https:/.... Then you can push to the remote repository without being asked for the credentials! – Texas 25/6, 2019 at 8:14

This is relevant to #6565857, for avoiding username and password, will work here as well. – Texas 25/6, 2019 at 8:19

Instead of using GitHub over https, you should use GitHub over ssh.

https://help.github.com/en/articles/connecting-to-github-with-ssh

While https setup is easy, setting up ssh connections is a little bit more difficult, and this is the reason why https is used as standard option.

When you want to connect to GitHub, you need to follow the following steps:

Create an ssh key

When you connect over ssh, it works with ssh keys instead of normal passwords, this increases your security, as even a server compromise won't leak your password, and even a attacker compromising your connection cannot change the data you send or receive to/from GitHub. Ssh keys also have optional passwords, that you need to provide in order to use said key.

Usually, ssh-keys are combined with a program called a ssh-agent, and this program basically "caches" the decrypted key in memory, either forever, or with a timeout, so don't have to fill your password multiple times in a short period.

You can create a key as follows:
1. Run ssh-keygen -t ed25519 -C "[email protected]"
2. Follow the standard options, and set a password.
3. Optionally configure an ssh-agent
Tell GitHub about your new key

When you create your ssh key, it make 2 files, id_rsa and id_rsa.pub, the .pub file contains the public key.

You can upload this key to GitHub by going to the settings, pressing "ssh keys", and adding the key there
Update the local repository to use ssh keys

Now that you told GitHub about your new fancy key, you need to configure your repository on disk to use ssh instead of https.

You can use the git remote command to do this:
```
git remote set-url origin [email protected]:USERNAME/REPOSITORY.git
```
Test your new settings by doing git fetch, it should ask for your ssh key password, and then fetch any updates branches.

Airlike answered 1/4, 2019 at 9:1 Comment(3)

if I'm using multiple computers with one account, do I need multiple keys? – Planimeter 7/4, 2022 at 16:22

It depends on what is the easiest for you. In most cases, just making an ssh key is way easier than using network transfers to move it. If your computer ever gets stolen, it is also easier to jsuit remove a key, rather than having to generate it anew on other computers – Airlike 7/4, 2022 at 17:14

I opted for multiple keys, like you say for security purposes its handy to isolate a particular computer at any time – Planimeter 11/4, 2022 at 11:0

You can browse to the .git folder. In which you can find the config file, change the url (would be something like this):

https://github.com/your_name/repo_name.git

to this:

https://[email protected]/your_name/repo_name.git

And thus, you won't need to provide token everytime you try to push.

Pecos answered 4/7, 2023 at 13:43 Comment(0)

Building upon Samir's answer, one way to connect to GitHub without typing in the access token every time is to change your local repository's configuration to include your access token in the GitHub URL:

git remote set-url origin https://your_username:[email protected]/username/repo_name.git

However, when your access token expires, you would have to regenerate it or create a new access token, then re-configure your local repository's GitHub URL to include the updated access token.

Another way, as mentioned in Ferrybig's answer, would be to change your local repository's configuration to connect to GitHub with SSH instead of HTTPS:

git remote set-url origin [email protected]:username/repo_name.git

In order to use SSH, you need to have already created an SSH key and added it to your GitHub account. Find more information at: https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account

Costumer answered 1/3 at 21:41 Comment(0)

Recommended topics

Hot tags