On 2024-07-18 at 19:10:54, Jeffrey Barish wrote: > -- > Jeffrey Barish > Thank you for filling out a Git bug report! > Please answer the following questions to help us understand your issue. > > What did you do before the bug happened? (Steps to reproduce your issue) > > I did: > <create a new repository> > git init > git add . > git commit -m "Initial commit" > git remote add origin https://github.com/jeffbarish/wax > git push -u origin master > > What did you expect to happen? (Expected behavior) > > I expected my files to get pushed to my repository. > > What happened instead? (Actual behavior) > > I got a popup window demanding a password for a username that appears to be a random string of characters. > > What's different between what you expected and what actually happened? > > The files should be transferred, or, at worst, I should get a request for a password for username jeffbarish > > Anything else you want to add: > > I am prepared to delete my account and start over, but I do not see a way to do that. In any case, I wonder whether there is a better solution. I'm not exactly sure what's happening, but I have some guesses. I think there's somewhere where you provided a personal access token as a username. While that works on GitHub, it's not the recommended approach, because, as you've just seen, Git prints the personal access token as plaintext since it thinks it's the username. If the token starts with `ghp_` (or `gh?_`, where `?` can be any character), then this is probably the case. To determine where that comes from, you can look at `git config -l --show-origin` to see if you've set some sort of `insteadOf` setting that rewrites the credential into the username. If so, you probably want to remove that, and instead store it in a credential helper, since the configuration isn't a secure way to store secrets. It could also be that the data is stored in your credential helper as the username. You can see what the credential protocol has to say about this with the following command (I recommend piping it to `less` so as not to leave the password in your terminal): printf 'capability[]=authtype\nurl=https://github.com/jeffbarish/wax\n' | GIT_TERMINAL_PROMPT=0 git credential fill If the string of characters is in the username and not in the password, then that would explain why you're being prompted for that. To fix that, you can take the same output, change the username field to "jeffbarish", change the password field to your token, and then pipe that to "git credential approve". That should set the right data in your credential manager. That might also bring up the prompt window you've seen before. In that case, you may change the right side of the pipe to this: env -u DISPLAY -u WAYLAND_DISPLAY GIT_TERMINAL_PROMPT=0 git credential fill That will prevent any sort of UI command being run. If you want to just erase credentials from your credential manager, then you can do that with this: echo url=https://github.com | git credential reject Then, the next time you're prompted for credentials, enter your username as "jeffbarish" and generate a personal access token from the GitHub website (in Settings → Developer Tools) and paste that in for the password. Don't use your actual GitHub password because GitHub doesn't allow pushing with a username and password. However, if you're using Git Credential Manager Core as your credential helper, it _will_ ask you for your password to do an OAuth request and issue a token automatically that way, and then you do need your actual password and 2FA information. -- brian m. carlson (they/them or he/him) Toronto, Ontario, CA
Attachment:
signature.asc
Description: PGP signature
