it works for me when using github access token instead of username and password where 2FA may be required:
HTTPS_REMOTE_URL = 'https://<access_token>:[email protected]/username/private-project'
Hi all,
I am part of an organization, and I have created a personal git token,
Now I want to clone a repo from my organization using my git token,
currently I and doing some thing like this
git clone https://your-username:your-token@github.com/organization-name/your-private-repo.git
but this does not seem to work
can you pls suggest how to clone using git clone command using token only
I am not doing ssh because of some reasons
can you pls suggest
thankyou
Just use the HTTPS address to clone with the key as the user, so:
git clone https://oauth2:[email protected]/username/repo.git
or
git clone https://username:[email protected]/username/repo.git
I turned out to be a scope issue. I of course needed full repo scope since I was trying to clone a private repository.
It's a shame Github does not have some clearer error messages for these kind of things, but security wise I understand why.
For anyone trying to figure out what is wrong when trying out something like this, I would suggest to create a personal access token with full access to everything:
settings > developer settings > personal access tokens > generate new token
This way you can easily test if it is a scope issue by comparing your token with a personal access token that has access rights for everything.
Thanks for anyone who still took the time to read this.
The method that I use is to actually use a git pull instead of a clone. The script would look like:
mkdir repo
cd repo
git init
git config user.email "email"
git config user.name "user"
git pull https://user:[email protected]/name/repo.git master
This will not store your username or password in .git/config. However, unless other steps are taken, the plaintext username and password will be visible while the process is running from commands that show current processes (e.g. ps).
As brought up in the comments, since this method is using HTTPS you must URL-encode any special characters that may appear in your password as well.
One further suggestion I would make (if you can't use ssh) is to actually use an OAuth token instead of plaintext username/password as it is slightly more secure. You can generate an OAuth token from your profile settings: https://github.com/settings/tokens.
Then using that token the pull command would be
git pull https://$OAUTH_TOKEN:[email protected]/name/repo.git master
IMO the best solution is using a custom GIT_ASKPASS helper and deliver the password as another environment variable. So for example, create a file git-askpass-helper.sh as:
#!/bin/sh
exec echo "$GIT_PASSWORD"
and then run git clone https://username@hostname/repo with environment variables GIT_ASKPASS=/path/to/git-askpass-helper.sh and GIT_PASSWORD=nuclearlaunchcodes.
This has the advantage that the password won't be visible in the process list too.