This article shows you how you can store git credential (username and password) on Linux with:
- and the gpg/pass credentials store
You can then use git
- without being asked for credentials
- in a script mode
Install Gcm on Linux
Download the latest tar file from the release 1)
wget https://github.com/git-ecosystem/git-credential-manager/releases/download/v2.0.935/gcm-linux_amd188.8.131.525.tar.gz tar -xvf <path-to-tarball> -C /usr/local/bin
Atlassian.Bitbucket.UI git-credential-manager git-credential-manager-ui GitHub.UI GitLab.UI libHarfBuzzSharp.so libSkiaSharp.so NOTICE
Configure it as credential manager
Configuring component 'Git Credential Manager'... Configuring component 'Azure Repos provider'...
Or you can just execute:
git config --global credential.helper /usr/local/bin/git-credential-manager
Create the secret store
On Linux, the only disk encrypted option is to use a gpg/pass store
Create the gpg key
- It will prompt you to create a user id
GnuPG needs to construct a user ID to identify your key. Real name: aname Email address: [email protected] Comment: You selected this USER-ID: "aname <[email protected]>"
- When you got to this message: connect to another session and enter a find / | xargs file to create entropy.
We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy.
- When it's finished
gpg: /home/www-user/.gnupg/trustdb.gpg: trustdb created gpg: key 2D3CF104 marked as ultimately trusted public and secret key created and signed. gpg: checking the trustdb gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: next trustdb check due at 2028-05-02 pub 2048R/2D3CF104 2023-05-04 [expires: 2028-05-02] Key fingerprint = 126C 2E32 7C6E 8C8F 7C55 8714 0F83 C936 2D3C F104 uid gitcs <suppor[email protected]> sub 2048R/5A9C14E1 2023-05-04 [expires: 2028-05-02]
Init the pass store
pass init 'aname <[email protected]>'
Set the credential store to gpg
git config --global credential.credentialStore gpg
Set the password for the repository
Create a file (with a empty line at the end)
url=https://example.com/user/repo username=yourUsername password=yourToken
And store it in the config manager with git-credential:
cat git-credential.ini | git credential fill
Git outputs the following response:
protocol=https host=example.com path=user/repo username=yourUsername password=yourToken
Set a username credential for a repository
Add this config:
# create the git user directory to avoid `could not lock config file .git/config: No such file or directory` mkdir ~/.git # execute URL=https://example.com/username/repo git config credential.$URL.username yourusername