git-tf how do I avoid specify my credentials every checkin

Asked 13/2, 2013 at 17:25 Answered 19/7, 2014 at 8:22

My question is exactly the title.

Every time I run the command git-tf checkin in my command prompt when its connecting to TFS it asks for my username and password. How can I avoid this? Either have it to log in with the current user or store the credentials somewhere in a configuration file.

Teleview answered 13/2, 2013 at 17:25 Comment(0)

By far the most secure way to do this is to simply not store a password and to instead use single sign-on via Kerberos or NTLM:

If you're on Windows and logged into a domain that has a trust relationship with your TFS server, then you should not need to specify a username and password.

If you're on Windows and have a "shadow account" setup, then you should not need to specify a username and password. This occurs when you don't have a domain trust relationship with the TFS server but you are logged in to your local machine with the same username and password as the account on your TFS server.

If you're on a Unix platform, you can get single sign-on using Kerberos. This is most likely the scenario when you have a ticket from your Active Directory server itself, eg kinit activedirectory.domain.name.

Similarly, if you're on Unix and have a Kerberos ticket to a KDC that has a trust relationship with the TFS server (almost certainly the Active Directory server itself) then you should not need to specify a username and password. git-tf will use your logged in credentials to authenticate.

If none of these applies, then you can store the username and password in the git configuration for your repository:

git config git-tf.server.username your-username
git config git-tf.server.password your-password

Note that your password will be stored in the git configuration file in plain text. Be sure to set the ACLs or file permissions as appropriate to discourage people from reading your password out of your configuration file. Or you can store just the username and you will need to type only your password each time.

Jost answered 14/2, 2013 at 17:40 Comment(4)

All right. Git config seems to work. But I would opt for your other solution but cannot make it work. I am developing on a windows 8 computer and our team foundation server is a windows server 2008 r2. I am sitting inside the same local network as the team foundation server. The user I am logged in with on my personal developer computer is also added to team foundation server. This is the user I fill in when tfs prompts me to fill in user and password. I have also added a row in the credential manager on my developer computer. Is there something obvious I am missing? – Teleview 15/2, 2013 at 12:34

Drop us a line on gittf.codeplex.com and we'll get a copy of your logs and see if there's anything elucidating? – Jost 15/2, 2013 at 14:5

I would add that if you add the password with the git config command, your password will be stored in your bash history as well. Manually editing the .git/config file might be slightly preferable. Thanks for these tips on Kerberos though :) – Unreconstructed 29/7, 2013 at 10:1

@EdwardThomson is there any way to get single sign-on working from a Linux client connecting to Visual Studio Online? I have alternate credentials setup in VSO if that helps. – Inspired 17/11, 2013 at 23:52

You can prevent git from saving this to the project's .gitconfig by using the --global switch:

git config --global git-tf.server.username your-username  
git config --global git-tf.server.password your-password

It will still be saved in plain text on your system (C:/Users/your-login/.gitconfig), but at least it won't be saved in a file that lives in the project.

Partridge answered 19/7, 2014 at 8:22 Comment(2)

Why is saving it in the global config a good thing? What if I have multiple TFS servers? – Jost 19/7, 2014 at 12:6

@EdwardThomson Add the credentials to your .git/config file instead. Under the [git-tf "server"] section, add username and password keys. – Ettie 20/5, 2015 at 15:7

Recommended topics

Hot tags