33 points | by
5 days ago
> Hub will prompt for GitHub username & password the first time it needs to access the API and exchange it for an OAuth token, which it saves in ~/.config/hub.
And if you don't want to use Hub for all your Git operations, you can extract the token from the file after using Hub once, or call the OAuth endpoint directly by reusing Hub's code: https://github.com/github/hub/blob/c8e68d548a39ec0fab6f674a6...
Clicking it goes to a page about how to authenticate. One of the options is:
Connecting over SSH
If you clone with SSH, you must generate SSH keys on each computer you use to push or pull from GitHub.
So just generate some ssh keys and setup ssh auth and you should be able to continue using the command line to push/pull from github.
Or, of course, copy the keys.
There are definitely computers I wouldn’t put my key on and would prefer a new one and uploading that one.
Having two keys with the same access means you still have a key on that questionable system that can do the same things, and exactly the same security concerns.
It’s usually when I’m working on a computer I don’t control root on. No idea what’s running there.
So just create a disposable key, add it, do whatever I need then I can just revoke access to whatever that key had access to.
I use `maggit` + `forge` in Emacs for all operations