summaryrefslogtreecommitdiffstats
path: root/Documentation/git-credential-store.txt
blob: 693dd9d9d760fe2a113d4e15ab7816f34b2cd47d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
git-credential-store(1)
=======================

NAME
----
git-credential-store - Helper to store credentials on disk

SYNOPSIS
--------
-------------------
git config credential.helper 'store [<options>]'
-------------------

DESCRIPTION
-----------

NOTE: Using this helper will store your passwords unencrypted on disk,
protected only by filesystem permissions. If this is not an acceptable
security tradeoff, try linkgit:git-credential-cache[1], or find a helper
that integrates with secure storage provided by your operating system.

This command stores credentials indefinitely on disk for use by future
Git programs.

You probably don't want to invoke this command directly; it is meant to
be used as a credential helper by other parts of git. See
linkgit:gitcredentials[7] or `EXAMPLES` below.

OPTIONS
-------

--file=<path>::

	Use `<path>` to lookup and store credentials. The file will have its
	filesystem permissions set to prevent other users on the system
	from reading it, but will not be encrypted or otherwise
	protected. If not specified, credentials will be searched for from
	`~/.git-credentials` and `$XDG_CONFIG_HOME/git/credentials`, and
	credentials will be written to `~/.git-credentials` if it exists, or
	`$XDG_CONFIG_HOME/git/credentials` if it exists and the former does
	not. See also <<FILES>>.

[[FILES]]
FILES
-----

If not set explicitly with `--file`, there are two files where
git-credential-store will search for credentials in order of precedence:

~/.git-credentials::
	User-specific credentials file.

$XDG_CONFIG_HOME/git/credentials::
	Second user-specific credentials file. If '$XDG_CONFIG_HOME' is not set
	or empty, `$HOME/.config/git/credentials` will be used. Any credentials
	stored in this file will not be used if `~/.git-credentials` has a
	matching credential as well. It is a good idea not to create this file
	if you sometimes use older versions of Git that do not support it.

For credential lookups, the files are read in the order given above, with the
first matching credential found taking precedence over credentials found in
files further down the list.

Credential storage will by default write to the first existing file in the
list. If none of these files exist, `~/.git-credentials` will be created and
written to.

When erasing credentials, matching credentials will be erased from all files.

EXAMPLES
--------

The point of this helper is to reduce the number of times you must type
your username or password. For example:

------------------------------------------
$ git config credential.helper store
$ git push http://example.com/repo.git
Username: <type your username>
Password: <type your password>

[several days later]
$ git push http://example.com/repo.git
[your credentials are used automatically]
------------------------------------------

STORAGE FORMAT
--------------

The `.git-credentials` file is stored in plaintext. Each credential is
stored on its own line as a URL like:

------------------------------
https://user:pass@example.com
------------------------------

When Git needs authentication for a particular URL context,
credential-store will consider that context a pattern to match against
each entry in the credentials file.  If the protocol, hostname, and
username (if we already have one) match, then the password is returned
to Git. See the discussion of configuration in linkgit:gitcredentials[7]
for more information.

GIT
---
Part of the linkgit:git[1] suite