2

I've just started a contract job, and have an account at the company git repository. Problem is, the password given is alphanumeric gibberish, so I'd like to configure git to allow for password less push/pulls on my Ubuntu development box.

To do so, I've created a .netrc file with 0600 permissions in $HOME and added

machine companyserver.com login jason password aphanumeric_gibberish

The git clone command consists of 

git clone [email protected]:/opt/git/jason.git

Even after deleting my local working copy and re-cloning the git repo to 

/media/storage/code_projects/company_working_copy

I still get prompted for the password.

Based on these conditions, how can I implement a password-less push/pull using .netrc?

Improve this question
1
  • 2
    It's probably using ssh. Set up some keys. Commented Jul 20, 2013 at 14:59

1 Answer 1

Reset to default
5

The url you are using the clone the company repo:

[email protected]:/opt/git/jason.git

looks like an SSH url for Git, as specified at the official Linux Kernel Git documentation for clone urls:

An alternative scp-like syntax may also be used with the ssh protocol:

[user@]host.xz:path/to/repo.git/

In your case:

  1. user@ is jason@.
  2. host.xz is git.companyserver.com.
  3. /path/to/repo.git/ is /opt/git/jason.git.

You'll need to set up an SSH key to use "password-less" push and pulls with your remote Git repo. You can find such instructions at the GitHub help page on generating SSH keys.

Be warned, however, that it's recommended that you still encrypt your private SSH key with a password, because if someone manages to steal the private key file from your computer, then it's like stealing your password and they'll be able to impersonate you on any SSH service you use with that private key, as explained by GitHub on why SSH passphrases are necessary:

Passwords aren't very secure, you already know this. If you use one that's easy to remember, it's easier to guess or brute-force. If you use one that's random, it's hard to remember and thus you're more inclined to write the password down. Both of these are Very Bad Things™. This is why you're using ssh keys.

But using a key without a passphrase is basically the same as writing down that random password in a file on your computer. Anyone who gains access to your drive has gained access to every system you use that key with. This is also a Very Bad Thing™. The solution is obvious, add a passphrase.

In the same help article, they also explain how to use the *nix utility ssh-agent to automatically store your passphrase during a terminal session so that you don't have to keep entering it every time you use your private key to make an SSH request.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.