Chapter 10 Cache credentials for HTTPS
If you plan to push/pull using HTTPS, you want to cache your credentials (username, password), so you don’t need to enter them over and over again. Alternatively, you could set up SSH keys, chapter 11). I suggest you set up one of these methods of authentication on each computer you want to connect to GitHub from.
I find HTTPS easier to get working quickly and strongly recommend it when you first start working with Git/GitHub. It is what GitHub recommends, presumably for exactly the same reasons. I started with HTTPS, but eventually switched over to SSH. Either is fine, and you can change your mind later.
10.1 You might not need to do anything!
As of January 2019, if you install Git using the methods recommended here in Happy Git, it is possible that Git will use a credential helper provided by your operating system. That is, you may not need to do anything special in order to cache your GitHub username and password.
Specifically, if you are on macOS or Windows, don’t do anything described here until you have actual proof that it’s necessary, i.e. that you have experienced repeated challenges for your username and password when using HTTPS.
In my most recent experiments, Git for Windows is configured to store credentials via the Windows Credentials Manager. This meant that I only needed to enter my GitHub username and password once to get setup for HTTPS.
Here’s a command to reveal the configuration and the output I see in a fresh installation of Git for Windows:
$ git config --show-origin --get credential.helper file:C:/Program Files/Git/mingw64/etc/gitconfig manager
I’m not currently in a position to say if credential caching “just works” on macOS in a fresh Git installations. Have you recently experienced this? Let me know in an issue! If you need to turn it on explicitly, instructions for that are given below.
10.2 Special consideration re: two-factor authentication
If you really want to use HTTPS, you must enter a personal access token in lieu of your password. This is the same type of PAT you could use to access the GitHub API and that many R users define in
.Renviron as the environment variable
10.3 Get a test repository
You need a functioning test Git repository. One that exists locally and remotely on GitHub, with the local repo tracking the remote.
If you have just verified that you can interact with GitHub (chapter 9) from your local computer, that test repo will be perfect.
If you have just verified that you can work with GitHub from RStudio (chapter 12), that test repo will also be perfect.
You may proceed when
- You have a test repo.
- You know where it lives on your local computer. Example:
- You know where it lives on GitHub. Example:
You know the GitHub repo is setup as a remote. In a shell (Appendix A) working directory set to the local Git repo, enter:
git remote -v
Output like this confirms that fetch and push are set to remote URLs that point to your GitHub repo:
origin https://github.com/jennybc/myrepo (fetch) origin https://github.com/jennybc/myrepo (push)
git branch -vv
Here we confirm that the local
masterbranch is tracking your GitHub master branch (
origin/master). Gibberish? Just check that your output looks similar to mine:
master b8e03e3 [origin/master] line added locally
10.4 Verify that your Git is new enough to have a credential helper
In a shell (Appendix A), do:
10.5 Turn on the credential helper
10.5.0.1 Windows, plan A
The preferred setting for
credential.helper is now
manager, which configures Git to use Git Credential Manager for Windows, which ships with Git for Windows. This may already be configured, but this command sets it explicitly:
git config --global credential.helper manager
10.5.0.2 Windows, plan B
If for some reason, Git Credential Manager does not work, you may have success with an older method,
git config --global credential.helper wincred
This is, however, considered deprecated and suggests you should install the current Git for Windows. So only use this as a temporary solution to get unstuck, until you can upgrade.
Find out if the credential helper is already installed. In the shell, enter:
And look for this output:
usage: git credential-osxkeychain <get|store|erase>
If you don’t get this output, it means you need a more recent version of Git, either via command line developer tools or Homebrew. Go back to the Mac section of chapter (6).
Once you’ve confirmed you have the credential helper, enter:
git config --global credential.helper osxkeychain
In the shell, enter:
git config --global credential.helper 'cache --timeout=10000000'
to store your password for ten million seconds or around 16 weeks, enough for a semester.
10.5.1 Trigger a username / password challenge
Change a file in your local repo and commit it. Do that however you wish. Here are shell commands that will work:
echo "adding a line" >> README.md git add -A git commit -m "A commit from my local computer"
git push -u origin master
One last time you will be asked for your username and password, which hopefully will be cached.
Now push AGAIN.
You should NOT be asked for your username and password, instead you should see
Rejoice and close the shell.