Each time we run a pull or push command,
git prompts for a username and a passphrase. A legacy but not safe way to tell
git to store them is by running:
git config --global credential.helper store
However, this is not recommended, since it stores credentials in a plain text file.
Store credentials in memory
A much safer behavior is to cache the credentials in memory during a limited time:
git config credential.helper 'cache --timeout=3600'
This command configures
git to store credentials during one hour (can be changed by setting a different value for
Store credentials with libsecret
Another way to store credentials in a safe manner uses
libsecret, a GNOME library designed for storing passphrases or other secrets. As far as I know, there are no binaries provided by Ubuntu to use with
git. However, the
git package contains the source code for such a helper. It requires installing the following libraries:
sudo apt install build-essential libsecret-1-0 libsecret-1-dev
Then we can compile the source:
sudo make --directory=/usr/share/doc/git/contrib/credential/libsecret
sudo is required because we compile sources in a subdirectory of
/usr owned by the system. This will create a binary, so we can tell
git to use it:
git config --global credential.helper /usr/share/doc/git/contrib/credential/libsecret/git-credential-libsecret
With the default settings, you should type your username and passphrase only once per login session.
Other methods exist for Windows or using
pass. See the references below.
File list of the Ubuntu git package ↩︎
git-credential-cache for Windows ↩︎
Safely storing git credentials ↩︎