Page History

...

The credential manager you will use on GNU/Linux to the personal access token depends on your desktop environment. If you are using a desktop environment with support for GNOME Keyring, then follow the instructions in the GNOME Keyring section. If you are using a GNU/Linux installation without a desktop environment (e.g. when using SSH to connect to a server) or a desktop environment that does not support the GNOME Keyring (e.g. XFCE, KDE, i3), then you need to pick a credential manager that suits your security and usability needs. The following sections will present four common choices for storing personal access tokens when you are unable to use GNOME Keyring:

• GPG
• age
• pass
• plain text files

GNOME Keyring

Credential Manager

...

$ git token store https://github.com
Username: <insert your Github username>
Password: <insert your "Personal Access Token", not your GitHub password>

Other

If you are using an environment or distribution without support for GNOME Keyring (for example if you are connecting to a GNU/Linux server over SSH), or if you want to use your own scheme for storing the PAT, then that is also supported. You can store non-sensitive data such as your username and the URL of the Git source code hosting provider in your ~/.gitconfig file in the "credential" section:

...

For the PAT itself, all Skara tools interacting with an external Git source code hosting provider's API supports the GIT_TOKEN environment variable. This means that instead of storing your PAT in a secure way in a Git credential manager you will have to secure the PAT yourself according to your security requirements. To generate a a Personal Access Token on GitHub go to https://github.com/settings/tokens and and click on "Generate new token". You only need to select the "repo" scope (permission). The following sections then give a few examples on how to securely store the PAT you just generated depending your security needs.

GPG

You can use GnuPG (GPG) to store your PAT the personal access token in an encrypted file. You will first have to store your GitHub username in the Git configuration file by running the following command (replace <USERNAME> with your GitHub username):

$ git config --global 'credential.https://github.com.username' <USERNAME>

The next step is to generate a personal access token. Go to https://github.com/settings/tokens and and click on "Generate new token". You only need to select the "repo" scope (permission). After you have generated your token, use GPG to encrypt it and store it in a file. The personal access token can be encrypted either using a GPG key or using a passphrase. If you have a GPG key you probably already know how to encrypt a file text with it, so we will only cover encrypting encryption using a passphrase here. To encrypt the PAT personal access with a passphrase and store it in a file using a passphrase, run the following command (replacing <PAT> with your the personal access token you just generated):

$ echo '<PAT>' | gpg --symmetric --ooutput ~/pat.gpg
Enter passphrase:
Repeat passphrase:

When using applicable Skara CLI tools set the GIT_TOKEN environment variable to the decrypted value, for example:Finally you must configure Git to decrypt and read the personal access from the file ~/pat.gpg when credentials are needed for https://github.com. This is done by the following command

GIT_TOKEN=$(gpg$ git config --global 'credential.https://github.com.helper' '!f() { test $1 = get && echo password=`gpg --decrypt ~/pat.gpg) git pr listgpg`; }; f'

age

You can use age to store you PAT in an encrypted file. To encrypt the file using a passphrase, run the following command (replacing <PAT> with your personal access token):

...

$ GIT_TOKEN=$(age --decrypt ~/pat.age) git pr list

...

Plain text files

...