All this while I have been using username and password while pushing my changes to github. But from Aug 13 2021, github will no longer accept password based authentication and hence I have to use Personal Access Tokens. I have couple of questions regarding this:
Do I need to make any changes to my previous repos which were pushed using password?
What are the next steps that I need to do after creating PAT, if there are any? should I just use it the next time I am pushing a repo or is there more to it?
Thanks!
The change to personal access tokens doesn't affect data that's already pushed. It only affects new attempts to push, so all of your old code should be fine.
Because a personal access token is pseudorandomly generated and hard to remember, if you haven't already, you should set up a credential manager. On Linux, that's usually the libsecret credential helper. If your distro has it packaged, install it, and then the next time you're prompted for your username and password, enter your username and PAT instead. Then it will be saved for the future.
On Debian and Ubuntu, the libsecret credential helper isn't packaged, and you'll need to copy the contents of /usr/share/doc/git/contrib/credential/libsecret into a temporary directory, install the libsecret-1-dev and build-essential packages, and then run make in that directory. Then copy the git-credential-libsecret binary into someplace in PATH, such as ~/bin (if you have such configured).
Note that if you're working on a Linux system without a desktop environment, then the libsecret credential helper won't work, and you may wish to use an SSH key and SSH remotes instead.
Related
I would like to share my NodeRed Code in Github as part of an IOT project, however I would like to keep some of my data private (wifi password, database password, etc).
I could manually erase this information, but this would not be very practical, since I would have to do it every time I update the file.
In my python scripts I use os.environ.get to save my passwords and upload to GitHub securely.
¿Is there some way to set up Node-Red to easily push to GitHub without revealing sensitive information?
Node properties can be pulled from environment variables using the ${} syntax. This is implemented by the runtime so should work in all nodes. If the node uses the typed input widget then they should also support environment variables directly.
Details are in the documentation here: https://nodered.org/docs/user-guide/environment-variables
Secondly any node options that are explicitly tagged as credentials are stored in a separate encrypted file _creds.json. By default this is encrypted in a randomly generated key on first run and stored in a hidden file in the userDir, but you can set your own key in the settings.js file.
If you use the Projects feature to store your flows in a git repository then you will be prompted for the encryption key needed as part of setting up the project or when you check it out. Documentation for projects is here:
https://nodered.org/docs/user-guide/projects/
I was thinking to use dropbox to upload my source code of a web-application. For this folder i would create a shared link. This link i like to use to download all the latest source files on my test server (instead of using s/FTP).
Now i know you can use dropbox with linux by installing their version, but it requires to create account. I don't want to use a account, and for sure don't want to use my own account.
Is there anyway to use a shared (folder) link, and download all the files in that folder command-line, without a account (maybe something like wget) ? There is no need for live-syncing, it would be fine to trigger the download with some bash script.
Thanks.
If you're ok with your links being public (which i think is not a good idea) , then you can just create a file with a list of links to your files and then create a bash script to loop over each line of the file get the link with wget
If you want to use authentication, you'll have to register for a Dropbox API key and then create a script (in python,ruby or java etc) to authenticate and get the files.
If you don't have a specific need for dropbox, i'll recommend you use git (or similar). With git you'll just have to create the repository on your server and clone it on your desktop. Then you can just edit your files and push it to the server.... it's so much easier.
Rogier, github has become the norm for hosting code. There are other options (Sourceforge, Google Code, Beanstalk) or you can set up a private git repository on your own computer.
Somewhere deep in my browser history there's an article about how to do that.
However a little googling turned up http://news.ycombinator.com/item?id=1652414. Let me know if you can't find some satisfactory instructions on your own of how to set up a git repo on your computer.
Environment : Eclipse Indigo, Ubuntu 11.04, Subclipse 1.6
SVN Clients : Subclipse, RabbitVCS
I'm connecting via svn+ssh. My URL looks like :
svn+ssh://[MY NAME]#[MY DOMAIN]/[PATH]
I can connect to the repo just fine. The problem is that every time I try to communicate with the repo, it prompts me for a password. Really annoying!
I get the impression that SVN has the ability to cache passwords -- I've read that's what the ./subversion/auth folder is for. However, my ./subversion/auth folder contains four empty folders.
I've experienced this behavior with both Subclipse and RabbitVCS.
Is there any way to force SVN to cache my credentials?
You need to use Public Key Authentication with SSH:
https://help.ubuntu.com/community/SSH/OpenSSH/Keys
It will enable you to used svn over ssh without entering a password every single time, with help of a common SSH agent.
Subversion itself caches credentials only to servers using HTTP/DAV.
Maybe this may help to someone. Check whether ~/.subversion folder is owned by wrong user, so it may be read-only to user who is using it.
sudo chown -R your_username:your_group ~/.subversion
How do I change the SVN password from command line?
It is the best way for me if it can be done from the command line.
There are multiple ways passwords are setup on Subversion. It depends upon the server you're using (svnserve, http, svn+ssh), and the way the administrator has set everything up.
Subversion doesn't contain a built in authentication method. Instead, it can use many different external authentication methods from the very simple to the extremely complex. Some will allow users to change their own passwords and even setup their own accounts. Others require a system administrator to do it. It all depends upon your particular setup.
On our site, we use Apache http to serve our Subversion repository (svn co http://server/src/repos). I've set it up to use our Windows Active Directory, so the user's username and password is their Windows' username and password. It means I don't have to handle users' I forgot my password requests, and passed the whole account headache to our Windows administrators.
Some sites use Apache http, but use a password file located on the Apache server itself. This is usually called htpasswd and its location is configured by the Subversion administrator. It's possible that the System administrator has a way to let the users set their own passwords, but that's not necessarily true. In this instance, you have to contact the administrator and ask them to change your password.
Some sites use svnserve (svn co svn://server/repos). The standard way this is setup is that there's a passwd file in the Subversion repository's config directory. This is located on the system that's running the server, and you have no access to it. Again, you have to contact the system administrator.
Some sites use SASL for their authentication. This can use Windows Active Directory, LDAP, or any number of authentication methods. Sometimes you can set your own password, sometimes you have to ask the administrator how it's done.
So, you're going to have to ask your Subversion administrator how to change your password. If you're lucky, there's a way to do it yourself. If not, you'll have to ask your Subversion administrator to change it.
You must edit a file under your /repo/conf/passwd using a command line editor like Vim.
There is no way to do this with Subversion command-line utilities like svnadmin.
If https is used, the password may be defined by Apache. This is what I needed to do to change password, in case it helps someone else:
# using root account
cd /etc/apache2
cat foo.passwd # the right user, foobar was found here
# copy the line for foobar, in case you want to restore it!
man htpasswd # a little refresher on what the command does
htpasswd foo.passwd foobar
# new password is prompted
cat foo.passwd # check that the line for this user actually got changed
Then do checkout with https to verify the right password got changed.
This is what I have to do:
cd /etc/httpd/conf/svn
backup current svn-auth just in case
cp svn-auth.htdigest svn-auth.htdigest«yymmDD»
htdigest svn-auth.htdigest “Subversion Repository” «user-name»
It was ask for new passwsord
htpasswd -m C:\csvn\data\conf\svn_auth_file admin
I recommend installing the Collabnet SubVersion Edge bundle, since it includes a Web tool for allowing users to change their passwords on their own.
Please excuse the frustrating undertones as I have attempted to get this set up correctly multiple times to no avail (possibly and most likely due to my ignorance, but also likely due to the lack of thorough and concise documentation).
I am trying to set up a git server so that I can share code amongst a small team of developers. Each developer may connect from multiple client PC's. I come from MS in the past so I am a bit spoiled in regards to development toolset, but it would be awesome if I could get something similar to TFS.
When trying to set up either gitosis (I understand this is deprecated for the git community per https://serverfault.com/questions/225495/ubuntu-server-gitosis-user-naming-convention) or gitolite, it seems as though as soon as I set it up I have to be extremely careful because it seems everything is balancing on toothpicks.
My latest attempt to set up a git server included moving my public key (benny.pub) from my laptop to the server, setting everything using that public key and pulling down the config to set up a repo and permissions. I then realized I want to develop on another PC so I created a new key (benny#desktop.pub) and renamed benny.pub to benny#laptop.pub which screwed things up obviously. This is where I know I was dumb by changing the name.
My question after a long-winded description is this: how can I set up a sturdy self-hosted git server with the ability to have multiple developers log in from multiple machines while maintaining security, etc? There has to be a proven technique (gitolite describes maybe 4-5 different ways...also frustrating) to do this as I'm sure I'm not the only one trying to do this exact same thing. Maybe git isn't right for my team?
Any help is greatly appreciated!
From my experience, all you need is a SSH server with a single git account/login that you are able to connect to using one of your public keys. Install gitolite using SSH (copies gitloite from your client to the server & does the basic setup) and have your developers send you their public keys. Add these keys to the gitolite-admin repository in your ~ and push.
Why does a developer need more than one keypair in the first place, even if multiple machines are used? Such cases will neither influence how SSH handles authentication nor how gitolite handles authorization: they're still SSH keys.
If a developer has to use several keypairs (one for git, another for some other server), let them handle the complexity and advise them to create an entry in ~/.ssh/config for each keypair/server combination they use.
If a developer has a different keypair on every machine used, gitolite groups can combine several public keys:
#agross = agross-1 agross-2
A couple of pointers:
The section about git on the server on Scott Chacon's pro git book
Gitorious is FOSS
I maintain a gitosis config at work, and when a developer has multiple ssh keys, all I have to do is put all these keys in the same keydir/user.pub file.
So concatenate all your keys into keydir/benny.pub and you shoud be all set.
There are a few open source git hosting solutions with a web-based UI for creating repositories and adding users (like GitHub:FI)... though I don't know about restricting access:
Gitorious (Ruby)
InDefero (PHP)
Girocco (Perl, shell scripts)
HTH
i am using debian with every developer having an account on the server. i use ssh with private key login. Finally a developer has to use a url like ssh://username#example.com/git-repo/repo.git to checkout or in any case interact with git on repo
I think the problem is that you ssh client (windows or linux version) is not finding the key file. I had the same problem and solved this way:
In my notebook, generated the key file (rafael.nicoletti#mycorporation) in ~/.ssh folder (where ~ is home folder. windows version is %HOME% env)
I added a file name config in ~/.ssh with following content:
IdentityFile ~/.ssh/rafael.nicoletti#corporation
In every location i want to access my git servers, i just copy those files in my %HOME% folder
You can also put the some things like this in config file:
IdentityFile /d/identity.key
IdentityFile /e/identity.key
IdentityFile /f/identity.key
IdentityFile /.../identity.key
So the config will look for keys in removable medias.