I want to do this command in one line:
git pull && [my passphrase]
How to do it?
How to enter command with password for git pull?
you can change your passphrase to be empty by following this: help.github.com/articles/working-with-ssh-key-passphrases –
Aquamanile
You could sidestep the need to type in a passphrase if you run ssh agent. The first time you do a git pull, you do it interactively, and ssh agent will remember your private key and you can run git pull without being prompted. –
Dilapidate
This is not exactly what you asked for, but for http(s):
- you can put the password in .netrc file (_netrc on windows). From there it would be picked up automatically. It would go to your home folder with 600 permissions.
- you could also just clone the repo with
https://user:pass@domain/repobut that's not really recommended as it would show your user/pass in a lot of places... - a new option is to use the credential helper. Note that credentials would be stored in clear text in your local config using standard credential helper. credential-helper with wincred can be also used on windows.
Usage examples for credential helper
git config credential.helper store- stores the credentials indefinitely.git config credential.helper 'cache --timeout=3600'- stores for 60 minutes
For ssh-based access, you'd use ssh agent that will provide the ssh key when needed. This would require generating keys on your computer, storing the public key on the remote server and adding the private key to relevant keystore.
Can you elaborate on the SSH part? I'm configuring an EC2 instance, and I would like it to pull without requesting my password and the AWS autoscale. This public/private scheme looks like a good solution. –
Murmur
@PedroDusso sounds like this thread is what you're after –
Cleanlimbed
i ended using the deploy keys mechanism, which appears to be a good solution. Thanks! –
Murmur
I posted an answer below, but I ended up using access tokens as none of these methods seemed ideal for my use case. –
Nonoccurrence
"git config credential.helper store" doesn't work unless you're already in a directory controlled by git (therefore not useful for cloning) –
Sankhya
@Sankhya yes, but works for pulling, which was in the question. You could also do
git config --global credential.helper for global configuration if needed. –
Cleanlimbed Password authentication (user:pw@repo) has been removed from github at least. See docs.github.com/en/get-started/getting-started-with-git/… For github, if you use Single Sign On, see docs.github.com/articles/… –
Bub
I found one way to supply credentials for a https connection on the command line. You just need to specify the complete URL to git pull and include the credentials there:
git pull https://username:[email protected]/my/repository
You do not need to have the repository cloned with the credentials before, this means your credentials don't end up in .git/config. (But make sure your shell doesn't betray you and stores the command line in a history file.)
password are not required, and this is unsecure to write password this way –
Ectoderm
isn't this one of the things I listed in the accepted answer, already in 2012? –
Cleanlimbed
@eis: Not exactly. The point is that you don't need to clone the repository with the URL that includes the credentials, but still can pull from the URL with credentials. The effect is that the credentials don't end up in the .git/config file. –
Diaconicon
Ah. Thank you for the clarification. Didn't read the answer as well as I should have. –
Cleanlimbed
If you omit the
:password part, you will be prompted for the password after hitting enter. That way, your password will not be saved in the bash history. –
Deoxyribose Yes @PramodGarg use - git pull username:[email protected]/my/repository.git Branch –
Arctogaea
Yes, history will definitely betray you, however if you're worried about such things (as you likely should be), put a single space before entering the command and it won't get added to the command history. –
Isomeric
Using the URL instead of
git pull origin will mess up the reference to remote commit. As I understand, it updates the FETCH_HEAD tag, but not the origin/* branch. See #4053288 –
Clausius Using the credentials helper command-line option:
git -c credential.helper='!f() { echo "password=mysecretpassword"; }; f' git pull
Or if you also want to enter the username:
git -c credential.helper='!f() { echo "username=myusername"; echo "password=mysecretpassword"; }; f' git pull
Or if you also want to enter the username too: git -c credential.helper='!f() { echo "username=myusername"; echo "password=mysecretpassword"; }; f' git pull –
Tamica
Isn't there a "git" to much? It shouldn't be
git -c crendential.helper='...' git pull but rather git -c crendential.helper='...' pull i guess. –
Proportioned Below cmd will work if we dont have @ in password:
git pull https://username:pass@[email protected]/my/repository
If you have @ in password then replace it by %40 as shown below:
git pull https://username:pass%[email protected]/my/repository
I just went through this so supplying my answer as I ended up using Gitlab access tokens although some may need Github access tokens
I would prefer to use SSH but there is a gitlab bug preventing that. Putting my password in .netrc or the URL is not ideal. Credential manager needs to be restarted on server reboot which is not ideal.
Hence I opted for an access token which can be used like so: git clone https://<username>:<accessToken>@gitlab.com/ownerName/projectName.git
The access token is stored with the url so this is not secure but it is more secure than using username:password since an access token can be restricted to certain operations and can be revoked easily.
Once it's cloned down (or the URL is manually updated) all your git requests will use the access token since it's stored in the URL.
These commands may be helpful if you wish to update a repo you've already cloned:
git remote show origin
git remote remove origin
git remote add origin https://<username>:<accessToken>@gitlab.com/ownerName/projectName.git
Edit: Be sure to check the comments below. I added 2 important notes.
Update: Gitlab has both user access and project access tokens. If you use an SSO provider like Okta you will need to use project access tokens. User tokens will require constant re-validation through SSO making them unusable for automated processes. –
Nonoccurrence
Update 2: One liner to update the remote
git remote set-url origin https://<username>:<accessToken>@gitlab.com/ownerName/projectName.git –
Nonoccurrence I did not find the answer to my question after searching Google & stackoverflow for a while so I would like to share my solution here.
git config --global credential.helper "/bin/bash /git_creds.sh"
echo '#!/bin/bash' > /git_creds.sh
echo "sleep 1" >> /git_creds.sh
echo "echo username=$SERVICE_USER" >> /git_creds.sh
echo "echo password=$SERVICE_PASS" >> /git_creds.sh
# to test it
git clone https://my-scm-provider.com/project.git
I did it for Windows too. Full answer here
Note that the way the git credential helper "store" will store the unencrypted passwords changes with Git 2.5+ (Q2 2014).
See commit 17c7f4d by Junio C Hamano (gitster)
credential-xdgTweak the sample "
store" backend of the credential helper to honor XDG configuration file locations when specified.
The doc now say:
If not specified:
- credentials will be searched for from
~/.git-credentialsand$XDG_CONFIG_HOME/git/credentials, and- credentials will be written to
~/.git-credentialsif it exists, or$XDG_CONFIG_HOME/git/credentialsif it exists and the former does not.
If you are looking to do this in a CI/CD script on Gitlab (gitlab-ci.yml). You could use
git pull $CI_REPOSITORY_URL
which will translate to something like:
git pull https://gitlab-ci-token:[MASKED]@gitlab.com/gitlab-examples/ci-debug-trace.gi
And I'm pretty sure the token it uses is a ephemeral/per job token - so the security hole with this method is greatly reduced.
You can simply do this:
eval $(ssh-agent -s)
echo "password" | ssh-add ~/.ssh/id_rsa
git pull origin master
© 2022 - 2024 — McMap. All rights reserved.