[TriLUG] FInally hopping back on GitHub (help with PAT)
Alan Porter via TriLUG
trilug at trilug.org
Wed Mar 10 19:53:04 EST 2021
My response below was based on what I had seen in an earlier email that
Github sent out.
Now that I actually took the time to look at what Github has to say
about "personal access tokens", I see that they are just secondary
passwords that you can use with git-over-HTTPS requests in place of
where you would normally type in your main Github password. That way,
you can have tighter control over specific actions that a username/PAT
can do, and you don't risk the main password leaking out
unintentionally.
https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token
Alan
On 2021-03-10 09:30, Alan Porter via TriLUG wrote:
>> I'm finally hopping back in to GIthub land and it now
>> suggests/requires
>> using a Personal Access Token. My question is where do you store
>> this so
>> that it is both secure and unnecessary to type everytime you go to
>> commit
>> or push and how?
>
>
> I think the key change is that they are deprecating username/password
> access for git push/pull. Basically they want you to log in to the
> web site using your web username/password (and optionally a second
> factor). Put your SSH key in your configs. And then use SSH auth
> for
> your git push/pull.
>
> Alan
More information about the TriLUG
mailing list