Git authentication fails after enabling 2FA
I just enabled 2FA (I can't think of any other changes I made) and git asked for my username and password. I provided both, but they were "wrong". I tried many of the solutions here: Git push requires username and password but that didn't work. In particular, when switching from https to ssh, the ssh key gives
Permission denied (publickey). fatal: Could not read from remote repository.
$ git push
warning: push.default is unset; its implicit value is changing in
Git 2.0 from 'matching' to 'simple'. To squelch this message
and maintain the current behavior after the default changes, use:
git config --global push.default matching
To squelch this message and adopt the new behavior now, use:
git config --global push.default simple
See 'git help config' and search for 'push.default' for further information.
(the 'simple' mode was introduced in Git 1.7.11. Use the similar mode
'current' instead of 'simple' if you sometimes use older versions of Git)
Username for 'https://github.com': **********
Password for 'https://mlbileschi@github.com':
remote: Invalid username or password.
fatal: Authentication failed for 'https://github.com/mlbileschi/scala.git/'
Any tips?
gh) and the problem goes away. First, download GH CLI using the instructions from the project README, and then follow the manual to authenticate it. Follow the instructions in the terminal, and when GH CLI has finished authenticating, you don't require a password anymore for git push.
You need to generate an access token. You can create one by going to your settings page.
https://i.stack.imgur.com/OSWdi.png
Use this access token as your password in the command line.
An end-to-end solution takes 3 steps.
Kudos to Gergo Erdosi. His answer is largely right, it is just that Github changes that setting page. As of late 2016, you need to generate an access token from your Personal access tokens page. Use this access token as your password in the command line. You can persist your user name by including it into your project remote url. One of the way to do it is to edit your .git/config to modify the url line into the following format: url = https://YOUR_USERNAME_HERE@github.com/owner/repo.git You can persist your password by run this for one time only: $ git config credential.helper store and then your future git password(s) will be stored in ~/.git-credentials, in plaintext, using the format https://user:PlaintextPassword@example.com. Storing password(s) in plaintext would normally be considered as a security risk. But in this 2FA case, the credential is NOT your real password, it is a randomly generated string. So it is as secure as using a ssh private key a passphrase-less ssh private key. CAVEAT: keep in mind that, if you happen to also use another git account(s) without 2FA on this machine, those real password(s) will also be stored in plaintext.
PS: Alternatively, you could choose to use ssh-based login, using a passphrase-protected ssh private key, which would be more secure and less convenient, but it is outside the scope of this answer.
...the credential is NOT your real password, it is a randomly generated string. So it is as secure as using ssh private key. — it is not true at all. SSH keys could be easy protected by passphrase out of the box. Plain ~./git-credentials — is not secured at all!
You can set an SSH key (on both Linux and Windows)
💡 Note for Windows users Make sure HOME environment variable is defined and set on your user's directory e.g. C:\Users\jossef (learn more)
1) Generating a new SSH key (source)
Open terminal / cmd and paste the text below, (replace with your GitHub email address)
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
2) Link the public key to your GitHub account
On Linux / macOS, run in terminal: cat ~/.ssh/id_rsa.pub
On Windows, run in cmd: type %HOME%\.ssh\id_rsa.pub
This will output the public key:
ssh-rsa AAAAB3NzaC1y ... mKAKw== your_email@example.com
Navigate to https://github.com/settings/keys
Click New SSH Key
Give it a title
Copy-paste the public key from the previous command output
https://i.stack.imgur.com/gVrFW.png
3) Change git origin from https:// to ssh
Open terminal / cmd and cd to your cloned repository directory and run:
git remote set-url origin git@github.com:<github username>/<repository name>
https is sometimes usefull, e.g when keeping upstream over https while having your fork over ssh, so that you avoid accidentally pushing to upstream, since https will ask for the password and remind you that you targeted the wrong repo
I had a similar problem. I had to alter the url used in the git command to include my username.
git push https://YOUR_USERNAME_HERE@github.com/mlbileschi/scala.git
Then when it asks for PW use the access token you created from following the instructions in Gergo Erdosi's answer.
git remote set-url --push origin with the same value, then git push origin master still fails.
git-bash worked fine though
If you are already using ssh keys, after enabling 2FA it will enforce you to read/write remote with SSH. You don't really need to add personal tokens rather keep using your existing SSH key pair.
Just change your remote url from HTTPS to SSH:
git remote set-url origin git@github.com:<github-username>/<repo-name>
2021 update
Not sure if this is going to work for everyone but updating my git version from 2.27.0 to the latest one (currently 2.30.0) solved my issue, whereas trying to use a personal access token as a password in the command line didn't.
After the update, when trying to push, I was prompted to login into GitHub through the browser, instead of typing my credentials in a dialog or in the command line.
This worked for me:
Go to [your-git-repo]/.git/config
Under [remote "origin"] Change the URL key from http protocol to git.
Example
If the value of url is https://github.com/.git change it to git@github.com:<repo-url>.git
This worked for me after enabling 2FA on Github:
Create a Personal Access Token: https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line. NOTE: Remember to select the correct permissions for the token. Run: git clone https://github.com/username/repo.git Username: your_username Password: your_token
Further reading: https://help.github.com/en/github/using-git/which-remote-url-should-i-use
I was facing this problem on existing repo when I enabled 2FA(two factor authentication) for one of my private repos. I was able to solve it following below steps on my ubuntu 19.0 terminal:-
Add your ssh key to github so that you dont need to use your password again,as now you have enabled 2FA.Visit github page to know how to do it easily. Once key is added, go to your terminal, and update the origin url git remote set-url origin git@github.com:
Thats it.Hope it helps
I came across this issue when switching to an old laptop. Really the issue was just that I was running an old version of git. Once I updated to the most recent version of git with the new cross platform credential manager it was able to sign me w/ 2FA perfectly fine (looks like it automatically creates a PAT for you).
Follow WeChat
Success story sharing
Want to stay one step ahead of the latest teleworks?
Subscribe Now相似问题
- How to remove local (untracked) files from the current Git working tree
- What is the difference between 'git pull' and 'git fetch'?
- How do I undo 'git add' before commit?
- How do I force "git pull" to overwrite local files?
- How do I check out a remote Git branch?
- How do I delete a Git branch locally and remotely?
- How to determine the URL that a local Git repository was originally cloned from
- How do I revert a Git repository to a previous commit?
- How do I rename a local Git branch?
git pullin. Probably a local issue, but this might help someone.The requested URL returned error: 403when I use the token for password, for a push over https