When it comes to Git, should you use HTTPS or SSH?

0 0 2021-11-16T11:50:00-08:00 Edit this post

You normally have two connection options when connecting to remote Git repositories like Github: HTTPS or SSH. Both have various uses, and...


You normally have two connection options when connecting to remote Git repositories like Github: HTTPS or SSH. Both have various uses, and while SSH is widely thought to be more secure, the issue is a little more convoluted.

What Is The Distinction?

The authentication mechanism you use to connect to a Git repo is determined on the URL your remote has chosen. HTTPS is Github's default URL format, which connects directly over the web protocol: 

https://github.com/user/RepoName.git

You can, however, utilise SSH. While you aren't running commands in an interactive shell, the format is the same as if you were connected to a conventional SSH-enabled Linux server: 

user@ipaddress:folder/file

You login to the "git" user on Github and most services, and access the.git endpoint as a file in a folder with your username. 

git@github.com:user/RepoName.git

Why Should You Use HTTPS?

So, which should you go with? While SSH is normally regarded more secure, HTTPS authentication with a password is sufficient for basic Github usage. In fact, Github uses HTTPS by default and encourages it to most users.

However, it's not as simple as it once was—as of August 2021, Github no longer uses your account password to authenticate. You'll need to generate a Personal Access Token, which functions similarly to a second password but is unique and can have special rights assigned to it. It also allows you to use two-factor authentication on your account without any problems.

There are numerous advantages to using HTTPS:

  • HTTPS is less complicated. Except for Github, most sites only need you to enter your account and password before you can push and pull code.
  • To use several devices, you don't need to juggle multiple SSH keys.
  • HTTPS uses port 443, which is open in almost every firewall that can connect to the internet. For SSH, this isn't always the case.

For most individuals, the main disadvantage is that you must enter your Git password/token every time you push. While it is added to a cache, it is not set to cache indefinitely (though this can be changed). When it comes to SSH keys, it just utilises the key file on disc each time.

Why Should You Use SSH?

It's a common misperception that HTTPS is inherently less secure than SSH. Both will protect you against man-in-the-middle (MITM) attacks and guarantee a secure connection. As long as the underlying keys are secure, both methods will do the same task. Although HTTPS with Git will send your password over the wire, both will employ public-key based authentication. Both protocols can be configured to employ multi-factor authentication (MFA/2FA), while using SSH keys with Github makes it easier to use MFA on your account.

When it comes to the authentication factor—the key—SSH takes the lead. It's difficult to mistakenly leak because of its length, and it's generally more secure because it's ungainly and unique. The only drawback is that it's saved on your hard disc as a user-accessible file rather than in your head, but considering how awful humans are at security, that's probably for the best.

It's also less likely to be affected by a data breach. It's not only guaranteed not to be reused, but it's also never saved on another server. There's no risk of it being disclosed or even transferred over the wire because you just provide Github your public key and use your private key to perform the authentication challenge on your end.

SSH has a lot of drawbacks, but if you know what you're doing, you can minimise them:

  • It merely takes a few instructions and clicks in Github's settings to set up your account to use your SSH key.
  • It's not easy to manage several keys per computer, but it's not difficult to set up by establishing your SSH host file and Git remotes.
  • It is possible to transfer keys to other machines, although this isn't necessary because you can have many SSH keys.
Using the ssh.github.com hostname in your SSH settings, SSH can even be tunnelled over HTTPS while accessing Github. While this isn't true for all Git services, it's a wonderful bonus for the most important:

Host github.com
  Hostname ssh.github.com
  Port 443

SSH keys can also be linked through SSH agent forwarding, which allows you to connect to a remote server and then authenticate with the SSH key on your client machine. The remote server functions as a go-between, with no knowledge of your SSH key.

What Should You Do With It?

The question is whether it's worth your time. It's not difficult to just use keys if you've used a command line before, and most people will do so anyway because it's faster to configure once and never type a password again. It also works better with 2FA, which should be used by most high-security Github accounts.

If all you want is a simple experience, HTTPS is safe as long as your password is safe. It's the default and even recommended by Github because it works well and is simple to understand.

Labels:

SHARE:

Twitter Facebook Google Pinterest

COMMENTS

BLOGGER
DISQUS
Name

2023,2,Ai,2,AlmaLinux 9,3,Amazon Linux,5,Apache Web Server,1,AppImage,1,Arduino IDE,1,Artificial Intelligence,2,BalenaEtcher,1,Bitcoin,1,Blockchain Data,1,Bookworm,2,Bootable USB,1,C++,1,centos,1,CentOS 8,1,CentOS Stream,1,CMake,1,CockroachDB,2,cuDNN,1,Database Security,1,Debian,2,Debian 10,2,Debian 11,2,Debian 12,9,DNS,1,Docker,1,E-commerce,1,Fail2ban,1,Fedora Linux,1,Firefox 118,1,FreeIPA Server,1,Function,1,Game Projects,1,Git,3,Google PageSpeed,1,How to,5,How to Install,9,HTTPS,1,Introduction,1,Iptables,1,ISO Image,1,KVM,1,Laravel,1,Let's Encrypt SSL,1,Linux,4,Linux 6.4,1,Linux Kernel 6.5,1,Linux Mint,1,Linux Server,1,Linux-Based Systems,1,Mageia 9,1,Magento,1,MariaDB,1,Media Server,1,ModSecurity,1,New Features,1,Nextcloud,2,NGINX,2,Nvidia CUDA,1,odoo,1,Oracles,1,Performance,1,PHP Zip Module,1,pip,1,Plex,1,Port Forwarding,1,postgresql,2,Privacy,1,Programming,1,Pylint,1,python,5,Python 3.10,2,Quantum,1,Quantum Computers,1,Remote Branch,1,Renew,1,RHEL,1,Rocky Linux 9,2,Rufus,1,Shadow Password,1,SQLite,1,SSH,1,SSH key,1,SSH Keys,1,Step-by-Step,4,SuiteCRM,1,SUSE Linux,1,Syslog,1,System,1,Testing,1,Top 10,1,Translation,1,Ubuntu,1,Ubuntu 18.04,1,Ubuntu 20.04,5,Ubuntu 22.10,1,Ubuntu 23.04,1,Ubuntu Server,1,Ubuntu Upgrade,1,unsupported,1,Up-to-Date,1,Upgrade,1,Visual Studio Code,1,Vivaldi 6.2,1,Web 3.0,1,Web Hosting Security,1,Web Security,1,Webmin,1,What's New,1,Windows 11,1,
ltr
item
Linux code EDU: When it comes to Git, should you use HTTPS or SSH?
When it comes to Git, should you use HTTPS or SSH?
https://blogger.googleusercontent.com/img/a/AVvXsEjqPK1O1jIeDICugGcwcHEx85hQh-sskx9s9_Z7s2HT1FwkDGF_JyHGFX7nNNGWEJ0BWhIIjEyrrdR6SNoBgUPDY1Gp444QsIew6nFYG1W9fHXt2dFP0RJmFDUggq4HX0OhIDEY33033PEUka3Kj6ruCJSKdAP0tU1YNfIlztFvVIsYfa_ZMuzNpperQw=w640-h398
https://blogger.googleusercontent.com/img/a/AVvXsEjqPK1O1jIeDICugGcwcHEx85hQh-sskx9s9_Z7s2HT1FwkDGF_JyHGFX7nNNGWEJ0BWhIIjEyrrdR6SNoBgUPDY1Gp444QsIew6nFYG1W9fHXt2dFP0RJmFDUggq4HX0OhIDEY33033PEUka3Kj6ruCJSKdAP0tU1YNfIlztFvVIsYfa_ZMuzNpperQw=s72-w640-c-h398
Linux code EDU
https://linuxcodeedu.blogspot.com/2021/11/when-it-comes-to-git-should-you-use.html
https://linuxcodeedu.blogspot.com/
https://linuxcodeedu.blogspot.com/
https://linuxcodeedu.blogspot.com/2021/11/when-it-comes-to-git-should-you-use.html
true
6096992636254302192
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content