|
|
On 11/17/21 1:11 PM duncan wrote:
The short question:
Specifically, what is your preferred method of two factor
authentification, etc ?
The short answer: I'm using 2FA with FreeOTP (Android app) for login
to GitHub and ssh access for `git push`.
[TL;DR]
Albrecht just accepted a pending pull request of mine
relating to documentation
so I thought I would tidy up my local git repository and my
fork on github to remove
the obsolete branch. I originally set up github access via
https but now I get:
$ git remote -v
$ git pull upstream
master
...
$ git push origin
master
...
remote: Support for
password authentication was removed on August 13, 2021. Please
use a personal access token instead
fatal: Authentication
failed ...
If they still tell you to use a personal access token then you can
go to your account setup and create such a personal access token.
This is IMHO nothing but a long password and you should be able to
use it instead of a password with https:... But I'm not using this
anymore because I'm using ssh with public/private key
authentication.
So my question, which method do you use, and which
authentication tools/apps, if any?
As said above, I'm using FreeOTP for the second factor, but there
are lots of tools that let you generate a time based (6 figure)
access token. Google authenticator is (IIRC) one of them.
I've been through the link several times but can't work out
which is the best way to go
especially as I've seen elsewhere that the recovery codes can
be superseded in some
cases which means you can be locked out.
Hmm, I'm not aware of cases when the recovery codes can be
superseded by any means other than using them or creating new ones.
I saved mine and hope this doesn't happen. I believe (but I'm not
sure) that you can also leave your phone number for a callback or
SMS code or some such.
My experience with GitHub docs is that you turn in circles if you
want to read the "whole" docs about a topic. Unfortunately.
If you ever set up ssh access with a public/private key the ssh
setup docs are more or less straight-forward, particularly if you're
doing this on a Linux system like me. If you have only Windows and
never did it yourself before this might be a little harder.
Anyway, my recommendation is ssh with public/private key for `git
push` and 2FA with OTP (FreeOTP) for one time tokens (which is
different from that "personal access token" you can use for https
access).
HTH
Cheers
D.
P.S. Does this also need to be updated in the GIT for FLTK
developers article?
I wrote "GitHub has lots of information (help pages) regarding this
and I don't want to duplicate this information. Please follow the
links below..."
It's not my lazyness but I believe that nobody can describe this
better than the GitHub folks themselves.
--
You received this message because you are subscribed to the Google Groups "fltk.coredev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fltkcoredev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/fltkcoredev/d8d55d2c-f35f-9787-9012-b84e76b9bb37%40online.de.
[ Direct Link to Message ] | |
|
| |