Provide a username and password for Git operation over SSH

David Y.

The Problem

When cloning, pulling, or fetching from an HTTPS Git remote, I can provide a username and password in the URL as follows:

This prevents Git from prompting for the username and password, which is useful for scripts.

However, I do not know how to do this for Git SSH remotes, i.e. remotes with URLs like this:

How can I include authentication details in a remote URL of this type?

The Solution

The username and authentication method used for an SSH Git remote will depend on the remote system’s SSH configuration. The username is already specified in the URL, before the @ sign. In many cases, password authentication will be disabled in favor of public-private key authentication. This is the case with most cloud Git hosts such as GitHub, BitBucket, and GitLab. It is not possible to use your account’s username and password over SSH with these services. Instead, you must use SSH keys for authentication. Platform-specific instructions are linked below:

Once you’ve configured SSH authentication, you will be able to clone, pull, and fetch from any Git repositories you have access to over SSH URLs, without specifying a username or password.

When setting up an SSH key, it is possible to specify a passphrase, which is used to encrypt the private key on the local system. If a passphrase is configured, it will need to be entered whenever SSH is used. To avoid this, we can remove the passphrase by entering the following command:

ssh-keygen -p

When prompted, leave the keyfile location as the default setting, enter the old passphrase, and leave the new passphrase blank.

Alternatively, sshpass can be used to submit the passphrase to SSH non-interactively. It is available from the software repositories of Linux distributions.

sshpass can be used with a git clone command as follows:

sshpass -p passphrase git clone

The same will work for git pull and git fetch.

In the event that the host of the Git remote supports password authentication, sshpass can be used in the same way, but specifying the system password instead of the SSH key passphrase. Note that this is considered highly insecure and SSH key authentication should be used instead wherever possible.

Loved by over 4 million developers and more than 90,000 organizations worldwide, Sentry provides code-level observability to many of the world’s best-known companies like Disney, Peloton, Cloudflare, Eventbrite, Slack, Supercell, and Rockstar Games. Each month we process billions of exceptions from the most popular products on the internet.

Share on Twitter
Bookmark this page
Ask a questionJoin the discussion

Related Answers

A better experience for your users. An easier life for your developers.

© 2024 • Sentry is a registered Trademark
of Functional Software, Inc.