8

When I pushed to my repository using the bash terminal, GitHub sent me an email:

[GitHub] Deprecation Notice
Hi,

You recently used a password to access the repository at with git using git/.

Basic authentication using a password to Git is deprecated and will soon no longer work. Visit https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ for more information around suggested workarounds and removal dates.

Thanks, The GitHub Team

So I tried figuring out how to use the auth token, but this, this and this page didn't really help.

Once I generate a token that looks like this, ff35995a9624470a855520c573972d2f1812843, I understand that I'm supposed to be able to do a git push --all, then type my username and enter the token to be able to authenticate.
But this would mean that I need to store this token in plain text or in some password manager. That just seems wrong. Or is my understanding of this whole process flawed?

How do I securely use this token instead of a password? I remember SourceTree had something that I think was a provision for storing such a token, but how would one do it via the Linux terminal securely?

Nav
  • 19,885
  • 27
  • 92
  • 135
  • I'm really confused about this issue, because I successfully used ssh -T and connected and on Ubuntu 20.04 it tells me that " You've successfully authenticated, but GitHub does not provide shell access." But that's how the documents tell me how to connect. If I attempt to sign in with a username and password it warns me that this won't be allowed in the future. Is console access via git going to be gone from github? – raddevus Jan 21 '21 at 15:58
  • 1
    I finally figured out the exact steps how to move forward with this using a PAT and wrote it up at: https://stackoverflow.com/questions/18935539/authenticate-with-github-using-a-token/65831761#65831761 – raddevus Jan 21 '21 at 16:39

2 Answers2

1

Effectively, your password is replaced by a "personal access token", which is just another sort of password. Instructions for how to generate it are here. It's completely random so it is impossible to remember. Cool. Save it in place of your password in a password manager so you can use it when necessary, or there are other solutions such as caching.

See the bottom of this help page you will see it is used in exactly the same way as a password along with your original username. Also you might need to switch your repository from ssh to html.

More stackoverflow answers are here Authenticate with GitHub using a token

Anthony Ebert
  • 675
  • 14
  • 25
  • Please give a bit more detailed instructions here. the links can become 404 over time, but then your basic instructions will remain here forever. – agent18 Apr 28 '21 at 19:55
0

As per a reply from the GitHub community:
Using a password manager would be the preferred solution. You could look into git-credential-cache so you don’t have to enter the token (from the password manager) for each and every push. Using SSH with an encrypted key and ssh-agent has a similar effect.

Nav
  • 19,885
  • 27
  • 92
  • 135