Github Authentication

Authentication in Git is the process of verifying the identity of the user who is trying to access a Git repository. To authenticate with a Git repository, you must provide some identification that the Git server can verify.

Authentication methods

It’s essential to keep your authentication information secure, as anyone accessing your authentication information can access your Git repository. If you’re using HTTPS authentication, use a strong password and enable two-factor authentication (2FA) to add an extra layer of security. If you’re using SSH authentication, store your private key securely and use a passphrase to encrypt it.

There are several ways to authenticate with a Git repository:

HTTPS authentication (credentials)

With HTTPS authentication, you authenticate using your GitHub username and password. When you push or pull changes from a Git repository, Git will prompt you to enter your username and password. This method is the most common way to authenticate with Git and is the easiest to set up.

When you authenticate with Git or GitHub using HTTPS authentication, the remote URL for your repository includes your username. For example, the remote URL for a repository might look like this:

https://github.com/yourusername/yourrepository.git

SSH authentication (key pair)

With SSH authentication, you authenticate using an SSH key. SSH keys are cryptographic keys that are used to authenticate with a Git server without the need for a password. When you use SSH authentication, you don’t need to enter your password every time you interact with the Git server. Instead, you create a public and private key pair and upload the public key to your Git hosting provider. The private key is stored locally on your computer to authenticate with the Git server.

When you switch to SSH authentication, the remote URL for your repository changes to use your SSH key instead of your username. The remote URL for a repository with SSH authentication looks like this:

git@github.com:yourusername/yourrepository.git

Your private key file must be named after the default naming standards

id_dsa

id_rsa

id_ecdsa

id_ed25519

id_xmss

To set a GitHub repository to use SSH for authentication you need to make sure your public key is in the GitHub account under the SSH and GPG Keys settings. This key is global for all repositories nested from this account, including any organizations. To use the SSH key from a workstation you of course need the private key to be available but otherwise it’s simply a matter of setting the origin value to be SSH rather than HTTPS. This is required if switching from HTTPS to SSH. if you setup the local reposisotry using SSH in the first place then no action needed.

git remote set-url origin git@github.com:username/repository.git

If you have issues using the key pair, maybe you have multiple keys on your system, you can tell Git explicitly which SSH key to use by setting the GIT_SSH_COMMAND environment variable:

[Environment]::SetEnvironmentVariable("GIT_SSH_COMMAND", "ssh -i C:\\Users\\userName\\.ssh\\yourspecifickeyfile", "User")

To test your connectivity to GitHub using SSH run the following command:

ssh -T -v git@github.com