You have git repositories setup for http access,
and you want to access automatically without typing your password.
Set up an access token
Generate an access token for GitHub:
- Go to Personal access tokens and click Generate new token.
- In the next screen name it Personal Token (the name doesn’t matter), and check every option except “delete_repo”. This is for security, so if you want to remove the repository you have to do it manually from the web.
- Click Generate new token and copy it to a safe location.
Check that the token works:
- Replace MYTOKEN with your token obviously.
- If you don’t have curl,
brew install curlusing Homebrew.
- If you want to clear the token from your bash history type:
Create a .netrc file
.netrc is a file in your home directory that has the information that enables authenticated HTTP/HTTPS logins. Google it.
- Edit the file (mate is my editor):
- Paste this content (replace TOKEN with your personal token)
At this point it clones using git and http/https without user interaction.
When we created the SSH key, we protected it with a password, but the .netrc key is unprotected. This means that anyone with physical access to your computer while your user is logged can dump the .netrc. If this is a concern for you, here is how to protect it with GPG.
Encrypt .netrc with GPG
- Install GPG using Homebrew.
- Replace pinentry with a mac compatible version:
- To create a GPG key type the following and carefully follow the instructions. Be aware it will ask you for a password to protect your key.
.netrcwith an encrypted version:
Now try again for the final test. Be aware it will ask you for the GPG password you set before.
This will present you with a GUI asking for your GPG password and offering to store it in the keychain. You won’t have to type it everytime.