How to maintain git cmd line experience with App passwords?

Psyberion January 30, 2022

I use only the linux command line on various machines using different local accounts, Some have a reduced set of software/commands available. However I can clone/push/pull with git using https with my account and memorable (but not short or simple) account password to my hearts content.

Now this needs to change because of the move to App passwords and it has raised some concerns:

I don't think I can set the App password to something memorable, I can only use the random one created for me by BitBucket. Writing the App password down on a piece of paper and carrying it from machine to machine isn't a great idea security-wise.

I could put the git commands along with the App passwords into script files and run those instead of the git commands directly, but then that leaves a plain text version of the App password on the machine. I'd need to do that on each machine when required. Plus if permissions need to be changed on the App password it would need to be revoked and recreated and the autogenerated password would change.

I believe that if I use SSH then I will need a key file? I don't have any way to put files on many of the machines, no disk or USB access. Writing the key down on a piece of paper and typing that into a file at each machine isn't really practical.

I have been keeping repositories on both BitBucket and GitHub, pushing to both as I haven't quite made up my mind which to use. If all else fails, perhaps this will be the final decider. Unless GitHub are doing something similar? In which case I guess I will just return to hosting repositories somewhere myself.

Any ideas or pointers gratefully received.

1 answer

0 votes
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 31, 2022

Hi @Psyberion,

For HTTPS, one option is to make use of a credential helper that will store passwords (in this case an app password) encrypted.

If there is an SSH client in these machines, you can generate an SSH key pair for each machine from the command line, you can take a look here

https://support.atlassian.com/bitbucket-cloud/docs/set-up-an-ssh-key/

and then upload each public key to your Bitbucket Cloud account. This way you will not have to manage passwords, as authentication will be made with the SSH keys.

Kind regards,
Theodora

Psyberion February 6, 2022

Thanks Theodora,

I opted for the SSH route as that is available, it's a bit convoluted to get the public key to another machine to then upload to bitbucket, or manually type it in on another machine as these machines don't have a browser. But at least it's a one-off thing and then just works once set up. So I've gone with using SSH.

Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 8, 2022

Hi @Psyberion,

You're very welcome, it's good to hear that SSH works for you.

Please feel free to reach out if you ever need anything else.

Kind regards,
Theodora

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events