No More Password Prompts: Simpler Git Authentication
/ 2 min read
Table of Contents
I ran into this problem while working on a Frappe app using frappe-docker. The built-in bench command didn’t like it when my app’s repo URL pointed to the SSH endpoint, so I had no choice but to use HTTPS. This meant frequent password prompts, which got old quickly.
Here’s a simple solution to store your Git credentials securely on Linux, using GNOME’s keyring or other secret services. I used git-credential-libsecret with my Elementary OS 7.1 (based on Ubuntu 22.04) but it should available for most popular distributions.
Let’s 🚀
Setup
Install the credential helper
sudo apt install git libsecret-1-0 libsecret-1-devsudo make --directory=/usr/share/doc/git/contrib/credential/libsecretCreate a Personal Access Token
And keep it handy for Step 3
Configure Git to use the credential helper
Use the PAT from before when prompted. Username doesn’t matter. You can use something simple like foo.
git config --global credential.helper /usr/share/doc/git/contrib/credential/libsecret/git-credential-libsecretUpdating Stored Passwords
git credential fillPaste these line by line
protocol=httpshost=github.com<empty line>You’ll be prompted for the new PAT
Pro Tips
-
Global Credential Helper: Setting the global credential helper means using a single PAT for all your repositories, which might not be ideal.
-
For better security and organization, store the PAT you use most frequently (e.g., for personal repos) in the global config.
-
For other repos (like organizational ones), set up a separate credential helper per repo.
Terminal window git config --local credential.helper /usr/share/doc/git/contrib/credential/libsecret/git-credential-libsecret -
-
To list the secrets stored, you can use Seahorse (Passwords and Key)
Wrapping Up
Personally, I’m not sure if this is better than using SSH keys, but it’s a solid solution when SSH isn’t an option. Keep your PATs organized, and you’ll have a smoother, more efficient workflow.