Setting up github with tokens and encrypted authentication, so you don't have to sign in everytime.
sudo apt install git
git config --global user.email "insert_github_email_address"
git config --global user.name "insert_github_name"
Login to github. Go to Settings > Developer Settings > Personal Access Tokens.
Click Generate New Token.
Give it a name and permissions - I added repo, admin: repo_hook and delete_repo.
Click Generate Token.
Temporarily copy the token somewhere.
sudo apt install gpg
gpg --gen-key
Enter your name and email, then a password. This password will be what you have to type once each terminal session to run github commands, it will cache the credentials after this. Remember the name you typed here too, we'll need later.
vim ~/.gnupg/git_credentials
machine github.com
login insert_github_email_address
password insert_copied_token
protocol httpscd ~/.gnupg
gpg --encrypt --trust-model always git_credentials
Enter the name you entered previously that you used to generate the key.
Now delete the raw text file as we have created an encrypted copy.
shred git_credentials
Now this will work, but only if you run git commands with sudo. Let's fix that.
We're using the netrc protocol with git to connect with encrypted credentials, so we're going to make a group with this name and assign the user to this.
sudo groupadd netrc
sudo usermod -a -G netrc insert_linux_username
sudo chown -R root:netrc /usr/share/doc/git/contrib/credential/netrc
sudo chmod g+x /usr/share/doc/git/contrib/credential/netrc/git-credential-netrc
Create a bash script that will run the decryption process when using github commands.
vim ~/.gnupg/git_credential_helper.sh
/usr/share/doc/git/contrib/credential/netrc/git-credential-netrc -f /home/insert_linux_username/.gnupg/git_credentials.gpg getchmod u+x ~/.gnupg/git_credential_helper.sh
Tell git what to run when asking for credentials.
`git config --global credential.helper /home/insert_linux_username/.gnupg/git_credential_helper.sh`Finally, insert the below line into you ~/.profile file (if you don't have one, create it) and restart the terminal.
export GPG_TTY=$(tty)
Now next time you try to access a github repository, it should ask you to enter a password once (the password you entered when you ran gpg --gen-key), then it will remember this for the rest of the terminal session. Much better then having to type your email address and random token every time!
Update - Since I've completed this, some subsequent git package updates have changed the permissions of the credential folder. If you try to run git commands and it says access denied, you will need to redo the two permission changes below.
sudo chown -R root:netrc /usr/share/doc/git/contrib/credential/netrc
sudo chmod g+x /usr/share/doc/git/contrib/credential/netrc/git-credential-netrc
This is part of a collection of blog posts, detailing my laptop setup preferences.
2021 Linux VM Setup: Part 1 - How to install Ubuntu 20.04 on a laptop with Windows 10 Hyper-V
2021 Linux VM Setup: Part 2 - Setting up Git & Github on Ubuntu 20.04
2021 Linux VM Setup: Part 3 - Docker & Docker-Compose Setup on Ubuntu 20.04
2021 Linux VM Setup: Part 4 - zsh, VS Code & Terminal Customisation on Ubuntu 20.04
2021 Linux VM Setup: Part 5 - Windows VS Code Setup for Ubuntu 20.04 VM