Setting up github with tokens and encrypted authentication, so you don't have to sign in everytime.

Photo by Yancy Min / Unsplash

sudo apt install git
git config --global "insert_github_email_address"
git config --global "insert_github_name"

Login to github. Go to Settings > Developer Settings > Personal Access Tokens.
Click Generate New Token.
Give it a name and permissions - I added repo, admin: repo_hook and delete_repo.
Click Generate Token.
Temporarily copy the token somewhere.

sudo apt install gpg
gpg --gen-key

Enter your name and email, then a password. This password will be what you have to type once each terminal session to run github commands, it will cache the credentials after this. Remember the name you typed here too, we'll need later.

vim ~/.gnupg/git_credentials

login insert_github_email_address
password insert_copied_token
protocol https

cd ~/.gnupg
gpg --encrypt --trust-model always git_credentials

Enter the name you entered previously that you used to generate the key.
Now delete the raw text file as we have created an encrypted copy.

shred git_credentials

Now this will work, but only if you run git commands with sudo. Let's fix that.
We're using the netrc protocol with git to connect with encrypted credentials, so we're going to make a group with this name and assign the user to this.

sudo groupadd netrc
sudo usermod -a -G netrc insert_linux_username
sudo chown -R root:netrc /usr/share/doc/git/contrib/credential/netrc
sudo chmod g+x /usr/share/doc/git/contrib/credential/netrc/git-credential-netrc

Create a bash script that will run the decryption process when using github commands.

vim ~/.gnupg/

/usr/share/doc/git/contrib/credential/netrc/git-credential-netrc -f /home/insert_linux_username/.gnupg/git_credentials.gpg get

chmod u+x ~/.gnupg/

Tell git what to run when asking for credentials.

`git config --global credential.helper /home/insert_linux_username/.gnupg/`

Finally, insert the below line into you ~/.profile file (if you don't have one, create it) and restart the terminal.

export GPG_TTY=$(tty)

Now next time you try to access a github repository, it should ask you to enter a password once (the password you entered when you ran gpg --gen-key), then it will remember this for the rest of the terminal session. Much better then having to type your email address and random token every time!

Update - Since I've completed this, some subsequent git package updates have changed the permissions of the credential folder. If you try to run git commands and it says access denied, you will need to redo the two permission changes below.

sudo chown -R root:netrc /usr/share/doc/git/contrib/credential/netrc
sudo chmod g+x /usr/share/doc/git/contrib/credential/netrc/git-credential-netrc

This is part of a collection of blog posts, detailing my laptop setup preferences.

2021 Linux VM Setup: Part 1 - How to install Ubuntu 20.04 on a laptop with Windows 10 Hyper-V
2021 Linux VM Setup: Part 2 - Setting up Git & Github on Ubuntu 20.04
2021 Linux VM Setup: Part 3 - Docker & Docker-Compose Setup on Ubuntu 20.04
2021 Linux VM Setup: Part 4 - zsh, VS Code & Terminal Customisation on Ubuntu 20.04
2021 Linux VM Setup: Part 5 - Windows VS Code Setup for Ubuntu 20.04 VM