GitHub SSH key or username and email?

I'll be getting my new laptop tomorrow and I'll have to do all the setup like installing node and git. When I first connected to GitHub I used a username and email to verify my identity. I watched a freeCodeCamp video on Git and they had a section on authenticating with SSH. I was confused by that method. Is there a benefit to using an SSH key? What do you all use?
12 Replies
ErickO
ErickO•3y ago
SSH key just means you don't have to enter your username/pwd every time you do something
Joao
Joao•3y ago
The benefit is that it's more secure and it guarantees it's you making the commits. Granted, this may not seem like much in the context of version control but it's definitely good security. It's also very convenient as all you need is a file in your system, which you can copy to the new computer. Also, you can revoke access to a particular SSH key at anytime if you find that is has been compromised.
ErickO
ErickO•3y ago
some people will say SSH keys are more secure, this isn't necessarily true, as long as you have a good password they're both essentially equal
Joao
Joao•3y ago
If you use username/password you can configure the git client to remember those, although for GitHub it won't work anymore
Kernix
KernixOP•3y ago
What do you mean it won't work anymore? Since when? And I don't think I used a password, I jusy ran these commands:
git config --global user.name "Github user name"
git config --global user.email "[email protected]"
git config --global user.name "Github user name"
git config --global user.email "[email protected]"
Joao
Joao•3y ago
Since last year, you cannot commit code using HTTPS anymore. And yes, I meant username and email, not password sorry. two years ago already, wow: https://github.com/hub4j/github-api/issues/789 I think you misspelled "most people" there? 🙂
ErickO
ErickO•3y ago
yeah I guess most people believe that because all the articles regurgitate the same thing
Kernix
KernixOP•3y ago
Ah man, I must have got in right before that. So I don't have an option - I HAVE to do the SSH option, correct? I hope I can figure it out. Any really good docs on all the steps?
ErickO
ErickO•3y ago
https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent it's dead simple really you generate a key, copy the public key, add key to github end
Joao
Joao•3y ago
With username and password you cannot revoke a particular key if you ever need to. You also cannot verify who did what if you were to share those same credentials. Those make a strong argument in favor of SSH as a secure way of authenticating. If you have evidence to support your claims, please share It's very easy to do but ask away if you have any questions
Kernix
KernixOP•3y ago
Okay, thanks to both of you. I won't be trying it until tomorrow but it looks like that link is similar to my notes so I'll follow the steps. BTW, were people like myself grandfathered in if they set up the connection with username and email before the change?
Joao
Joao•3y ago
Yes, everyone was required to move on to using SSH so you are definitely not alone 😄
Want results from more Discord servers?
Add your server