SSH or HTTPS connection to GitHub
Why are we doing this?
We need to connect to Github (or whatever other repository we may be using), and for that to work, we have to be able to identify ourselves. This is actually a pretty hard thing to do, and there are two main options we have.
What are the options?
This is recommend if you are on Linux or macOS (HTTPS also is recommended on macOS). (It does work on Windows, but since the HTTPS method is included by default, you may as well use that instead.)
Secure SHell is the standard program for connecting to remote servers. It’s well worth learning anyway.
These days, every major operating system has it built in, but it requires more set up using “SSH keys” to use it for Github. It’s really useful to set this up and get to know it well, even for things other than git.
This is recommend if you are on Windows or macOS (SSH also is recommended on macOS).
Web browsers use HTTPS (secure hypertext transfer protocol) to communicate with web sites. The thing is, it’s less secure if only a password is used, so Github doesn’t allow normal passwords anymore. With an extra tool, it becomes easy and secure, though.
You should remember your choce for the lessons.
Based on your decision above, try to set it up. You can try the other one if your first choice doesn’t work. There’s nothing wrong with doing both of them.
Watch this in video form
This CodeRefinery video about ssh keys (7 min) shows how to set up SSH connection to GitHub. If you are new to SSH keys, We recommend you watch this first to understand what is going on.
For the instructions, please follow this guide from GitHub to connect to GitHub with SSH keys. These same instructions work with services other than GitHub as well (except the adding the key to GitHub part).
If you think you might already have SSH keys, start with Checking for existing SSH keys
Then start with Generating a new SSH key and adding it to the ssh-agent
Then Testing your SSH connection (note that this is the same as the verification steps below)
If on Windows, Working with SSH key passphrases is optional but can save you from retyping the passphrase so many times.
We use Git Credential Manager to make HTTPS easy.
Windows: Git Credential Manager should have been installed as part of Git for Windows installation. If not, go back to the git installation and make sure it is selected.
macOS: Follow the macOS installation instructions for Git Credential Manager.
Linux: The Linux install instructions for Git Credential Manager work, but have to make one extra configuration step compared to other operating systems (since Linux has more options like connecting remotely to it to do work). SSH is so natural on Linux you may as well do that.
How to verify that it worked
Try this in your terminal shell:
$ ssh -T email@example.com ``` If you set up ssh keys correctly, you will see: ``` Hi yourusername! You've successfully authenticated, but GitHub does not provide shell access.
If it says “You’ve successfully authenticated” then it works and your SSH keys are properly set up with GitHub.
You possibly see this warning (the IP and the fingerprint may look differently):
$ ssh -T firstname.lastname@example.org The authenticity of host 'github.com (126.96.36.199)' can't be established. ED25519 key fingerprint is SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])?
Before typing “yes”, verify that the fingerprint is one of these.
What this means: SSH is a secure protocol to send data between two computers but the very first time you ever connect to the remote host, SSH asks if this is really the host/server we meant to talk to and to verify that nobody is trying to impersonate the other host. Once we validate the connection, SSH will remember that we trust that host and not ask this question again.
It’s hard to test this, but here is what we recommend:
Linux/macOS: Start your terminal application (wherever you have Git).
Windows: start Git Bash.
Run the following command:
$ git clone https://github.com/rkdarst/private-example.git
It should open a web browser window and ask “Authorize Git Credential Manager”? This means that the program running on your computer will have access to GitHub as you. Click “Authorize git-ecosystem” and close the tab when it asks you to.
This is private so it will say the repository is not found, but that’s OK. If it sent you to your web browser, that means the authentication worked! This is what it looks like if the verification was successful:
$ git clone https://github.com/rkdarst/private-example.git Cloning into 'private-example'... info: please complete authentication in your browser... remote: Repository not found. fatal: repository 'https://github.com/rkdarst/private-example.git/' not found
(If it asks you for a username and password in the terminal, then the verification failed - this won’t work with Github.)
Git Credential Manager will remember your login the first time you use it on a repository you have access to.
Running on a remote server?
If you are on a remote server and Git can’t automatically start a web browwser, you might get this prompt:
Select an authentication method for 'https://github.com/': 1. Device code (default) 2. Personal access token
Select option 1 and do what it says.