I have a repo with 3 submodules. The repo and submodules are all on the same server, which I have ssh access to. The remote URLs are:
ssh://[email protected]/path/to/sub1.git
ssh://[email protected]/path/to/sub2.git
ssh://[email protected]/path/to/sub3.git
If I do an operation such as git submodule update --remote then it prompts for my password 3 times.
Is there any way to update the submodules but only require password once? Same goes for committing changes etc.
Another approach is to use built-in git cache (v. 1.7.10 or newer required) so git will remember your login and password after you provide it first time.
To enable git cache with default timeout (15 min) you type
git config --global credential.helper cache
To change default timeout type
git config --global credential.helper 'cache --timeout=3600'
Credit: this answer began with rjv's answer although I required several more steps to get it working nicely. Other source material is linked below.
Background: I'm using Cygwin in Windows, with a version of git built from source. I'm not using the Cygwin git although this should work the same for that. I am using Cygwin's ssh. But the following method should work for unix-like systems also.
Firstly: it's not possible to "remember" the password inbetween invocations of git. (The git submodule is a script which invokes git once for each submodule here).
However, it is possible to remember RSA key passphrases by using ssh-agent. So the list of steps here is:
.ssh/config entry for the git hostssh-agent to remember the passphrase -- either just for the duration of the current command; or for the duration of the current shell.If you already have a key in ~/.ssh/id_rsa or otherwise that you wish to use, skip this step
Create a key pair with ssh-keygen. Use a strong passphrase. For this answer let's assume the files are mm_rsa and mm_rsa.pub. The default filename is id_rsa etc., however in this answer I will use a different name so that we can see how to specify the name. This could be useful if you wish to use different keys for different hosts.
On the server:
mm_rsa.pub into ~/.ssh mm_rsa.pub to ~/.ssh/authorized_keys (creating it if it didn't exist)On the client:
mm_rsa to ~/.ssh and chmod 600 mm_rsa so that nobody else can read your private key.At this point you could test things by opening an SSH connection using your usual ssh command, plus the option -i ~/.ssh/mm_rsa.
In the ~/.ssh/config file (creating it if it didn't exist), create an entry like this:
Host the_git_host
HostName bla.bla.com
User mm
Port 2222
IdentityFile ~/.ssh/mm_rsa
After doing these steps, you should be able to connect via ssh simply by issuing the command ssh the_git_host after which it will prompt for your passphrase.Link to more detail
Further, you will now be able to change your git remote to use the_git_host and then it will fish those details out of the .ssh/config file!
$ git remote -v
origin ssh://[email protected]:2222/path/to/repo (fetch)
origin ssh://[email protected]:2222/path/to/repo (push)
$ git remote set-url origin ssh://the_git_host/path/to/repo
At this point you will be able to do git remote update and it will use the mm_rsa certificate, and prompt for your passphrase.
ssh-agent is a daemon. To start it you run ssh-agent -s, but that is a bit tricksy. It wants to set environment variables so that other programs can communicate with it. However, instead of just setting them, it outputs them on the commandline. So to actually run ssh-agent you must write:
eval $(ssh-agent)
which both launches ssh-agent and sets the environment variables.
To kill it later and clear the environment, use ssh-agent -k.
Once the agent is running then you remember your passphrase via the command:
ssh-add ~/.ssh/mm_rsa
which will prompt for the passphrase. If you get the error "Could not open a connection to your authentication agent", see here.
Finally, this is a bit annoying to have to type every time, so you can insert this gem into your .bashrc which will delay authentication until you issue a git command:
ssh-auth() {
# Start the SSH agent only if not running
[[ -z $(ps | grep ssh-agent) ]] && echo $(ssh-agent) > /tmp/ssh-agent-data.sh
# Load the environment variables for ssh-agent
source /tmp/ssh-agent-data.sh > /dev/null
# Authenticate
[[ -z $(ssh-add -l | grep "mm_rsa") ]] && ssh-add ~/.ssh/mm_rsa
}
This will persist the authentication for the rest of the current shell (or until you ssh-agent -k).
So, at long last, we can go:
$ ssh-auth
$ git submodule update --remote
One solution might be adding your machine ssh public key to authourized_keys file of the server. After that, you will not be asked for password.
This is possible only if you have server access.
This is how you do it
~/.ssh/id_rsa.pub~/.ssh/authorized_keys file in your server.After that, you can connect to the server without a password
What all answers here fail to mention is that a prompt for username and password is most likely caused by updating a submodule that needs authentication, for example a private repository. I found this neat little detail here:
https://www.appveyor.com/docs/how-to/private-git-sub-modules/
Quote
The problem arises when sub-modules refer private Git repositories which cannot be cloned without authentication and as a result you get stalled build. This is because sub-module repository does not contain SSH public key used to authenticate main repo, so Git is asking for credentials:
This means you need to use SSH for cloning submodules. GitHub provides a nice setup guide with all the steps necessary (basically the short version of @M.M`s answer).
You can use the relative path while adding the submodules. Run the command like below and use relative path:
git submodule add ../test-git-sync.git
.gitmodules file after adding the submodule will look like below
[submodule "test-git-sync"]
path = test-git-sync
url = ../test-git-sync.git # uses relative path
© 2022 - 2024 — McMap. All rights reserved.
https, but I feelssh://matt:[email protected]would work as well. – Apologetics