There are two ways to authenticate to GitHub: your personal account and the repositories that are often linked to it. To work with them correctly, you need to authenticate to the server via two possible services: SSH keys and API token. This article is devoted to understanding how to use a repository after authenticating using the methods described earlier.
Let's run through briefly the pros and cons of the two methods and choose which of the two methods is convenient for you:
- API: it is necessary to enter the token every time, as it is not saved in the config for security reasons. And also it is necessary to define the place of its safe storage. However, convenient integration into own services and applications, mainly used for work between software;
- SSH: stored on the user's machine and does not need input, but is requested from the user's folder via ssh-agent. Convenient to store and use, when working with repositories.
GitHub API authentication
Use HTTPS authentication via GitHub API, password authentication has been disabled since 2021. On the top right find the user icon and select Settings, then in the left menu at the very bottom find Developer settings.
Following the diagram above, choose to create a classic token and wait for the page to load:
Specify the number of days the token will be valid, as well as define possible functions of the key. Then click on the button to create the key!
Copy your key and type the command, replacing the login and repository name:
git add .
git commit
git remote add origin https://github.com/your-login/your-repo.git
git push origin main
We can see from the logs that the upload was successful and now we can move on to the repository itself:
GitHub SSH authentication
The process is as follows: the user creates a pair of encryption keys on his side: a public key and a private key. The first one is added to the Github account, the second one is stored on the user's machine and allows decrypting the information encrypted with this first, public key. When a request to the server is made, the public keys in the account and on the sender's machine are checked, confirmed by the private key, and then access to the repositories is granted.
Let's create the keys and display them on the screen:
cat /home/your-linux-user/.ssh/id_rsa.pub
If you don't have sufficient resources than you can perform actions on powerful cloud servers. Serverspace provides isolated VPS / VDS servers for common and virtualize usage.
It will take some time to deploy server capacity. After that you can connect in any of the convenient ways.
Screenshot №7 — Show key
After copying the key, go to the GitHub site and select the user icon in the top right corner. Then find the Settings button and click on it. In the window that opens, select SSH and GPG on the left.
Click the New SSH key button and enter your key and a name for it in the field that opens. Note that it is the public key that can be distributed and specified in services, but the private key must remain on the machine. If intruders get access to it, they will also get access to your repositories.
After that you need to confirm with your account password that you are the one making the changes. After that the key will be available in your account:
Let's turn to the client device and enter the following command in the working directory with the files that you want to put in the repository: If you can access it, your repositories will be accessed too.
git add .
git commit
git remote add origin git@github.com:an1ik/koldek.git
git push origin main
There are two ways to authenticate to GitHub to interact with repositories and personal accounts: SSH keys and API tokens. Each of these methods has its advantages and disadvantages, choose the most convenient and secure method depending on your needs.