GIT: Storing HTTPS Authentication in Ubuntu (and Arch Linux)

TL;DR version: Skip to Storing your HTTPS credentials using a Keyring.

If you use GIT in Ubuntu, you may be used to this seeing this several times a day:

"Terminal window in Ubuntu asking for GIT credentials"

Tired of constantly typing typing in your credentials? (especially since GitHub requires an alpha-numerical password, so your standard, “easy-to-type” one won’t do)

If you can use SSH, use it

SSH is more secure (and although I have not confirmed this officially, it seems to transfer faster than HTTPS). If it is at all possible, use SSH instead of HTTPS. I would be using SSH myself if it wasn’t for a known bug in the modem required by my ISP which constantly drops the connection mid-transfer; Damn you Telia!

When using SSH, you only have to “generate” a key once for every computer you use, store it in the appropriate directory, and every time you connect to GitHub, that key will be used automatically:

If the SSH port is being blocked

If it’s just an issue of blocked ports, GitHub does provide a service for creating an SSH connection (usually port 22) through the HTTPS port (port 443) which may get past most firewalls. I’m unsure if this is preferable to connecting over HTTPS or not, but at least the option is available:

Storing your HTTPS credentials using a Keyring

SIDE NOTE: There are a lot of old solutions circling the interwebs involving either setting credential.helper to store, or by using netrc, however, in both of these cases the password gets stored as plain-text on your computer. This is usually not ideal.

Instead, you can use gnome-keyring to store your credentials more securely (thanks to James Ward and marcosdsanchez for this solution). This solution assumes you are using GIT 1.8.0 or newer, which if you installed it via apt, you are. If not, you can find the latest version of git from the following URL:

$ sudo apt-get install libgnome-keyring-dev
$ sudo make --directory=/usr/share/doc/git/contrib/credential/gnome-keyring
$ git config --global credential.helper /usr/share/doc/git/contrib/credential/gnome-keyring/git-credential-gnome-keyring

If you are using Arch Linux, you will require a slightly different command, and if you are using OS-X or Windows, GitHub has provided a short set of instructions to use the same GIT feature:

After typing in your user-name and password once the next time you are prompted for it, the credentials should be stored, saving you a lot of typing in the future. If that worked, you are done.

But if you are a real stickler for security

If you really want to require entering your password when connecting to GitHub (perhaps you are dealing with security software and want to avoid any loopholes) but are just tired of typing it in all day, you can configure GIT to store your password for a limited amount of time.

By default, GitHub will store your credentials for 15 minutes. If you want to increase or decrease this amount, use the following command:

 $ git config --global credential.helper "cache --timeout=900"

Replace 900 with the amount of seconds you want the credentials to be saved. Personally, I would recommend 5 hours (18000 seconds) if you work in an office, and 12 hours (43200 seconds) if you work from home. If you don’t want this setting to apply for all your repositories but only for the current repository, remove the --global flag.

Post a comment

All comments are held for moderation; Markdown and basic HTML formatting accepted.

(required, not published)