Geek Answers Handbook

Using HTTPS or SSH with GitHub

I would like to know what is the best way to connect to a GitHub repository between HTTPS and SSH. GitHub seems to recommend HTTPS over SSH:

If you decide not to use the recommended HTTPS method, we can use SSH keys to establish a secure connection between your computer and GitHub. The above steps will help you create an SSH key and then add the public key to your GitHub account.

But I see no reason why HTTPS will be better than SSH. SSH should be more secure than HTTPS. So why does GitHub recommend HTTPS?

+7
git github ssh
source share
2 answers

https is easier to use than ssh.

Using ssh, you need to:

  • create public / private key
  • publish it on github
  • running (if you really want security) ssh-agent to enter a passphrase that you would associate with your private key.

https just reuse the GitHub credentials that you already have.
If you do not want to enter a GitHub password for each git command, you can save these credentials in encrypted ~/.netrc.gpg (or %HOME%/_netrc.gpg on the windows).
See A complete step-by-step example in Is there a way to skip password entry when using https: // github ".

I store several credentials (in GitHub, BitBucket, internal repositories, ...) in one (encrypted) file, and I type in one password (gpg passphrase) once in the morning.
I can then access all of these repositories without entering my credentials during the day.

+6
source

I got a response from GitHub:

We recommend https as it is much easier to configure and does not require knowledge or secure ssh key management.

Since ssh and https use ssl behind the scenes, the advantage of using private key access rather than login credentials is only possible if these keys are managed securely. For those unfamiliar with best practices regarding ssh keys, this is often harder to explain than letting them maintain username / passhprase login credentials using the procedures they already know. There are recommendations, so those who do not have a strong opinion can choose the simplest method. Anyone who prefers ssh keys can do this because they are fully supported.

+11
source

More articles:


All Articles