2

So I had git running on my computer just fine. My password was saved with the osxkeychain thingy and everything ran smoothly. Today I decided I should be safe and enable google authenticator 2-step authentication on all the sites that support it. Interestingly github supports it so I set it up. It works fine through the website interface. I proceed to branch a project I'm working on and do a bit of work and then I try to push the new branch up. Not surprised at all when I find out my authentication doesn't work. What is surprising to me is that I can't seem to find anything at all on google to solve my problem.

my initial error was this:

git push --set-upstream origin binary-dev
remote: Invalid username or password.
fatal: Authentication failed for 'https://github.com/***/***.git/'

I then purged my old password stuff to get the interactive prompt with:

git credential-osxkeychain erase
host=github.com
protocol=https

And that worked at getting rid of my old settings but now I get:

git push --set-upstream origin binary-dev
Username for 'https://github.com': ***
Password for 'https://***@github.com':
remote: Invalid username or password.
fatal: Authentication failed for 'https://github.com/***/***.git/'

So git itself doesn't seem to know about the google authenticator. I literally can't seem to find any information on this. About half the pages are about how to set it up on the website and the other half are how to fork the actual google authenticator source code. I may not be creative enough with my keywords though. There may also be no solution but then I have to wonder why github offers 2-factor auth at all? Is there anyone out there who's been stuck here like me and has found a way out? Any help would be greatly appreciated. I just want git to work like it did before I added the 2-step auth to github.

Thanks in advance,
Max

Answer:
So the way I got it working was to bypass the 2-step authentication using: https://help.github.com/articles/providing-your-2fa-security-code#through-the-command-line

Thanks to "c4urself" over on serverfault.

Improve this question
2
  • I would report this as a bug wouldn't be shocked if the client didn't have support for this security feature
    – Ramhound
    Commented Jan 30, 2014 at 3:40
  • Please post that as answer as a proper answer, not as an edit
    – Sathyajith Bhat
    Commented Jan 30, 2014 at 13:19

1 Answer 1

Reset to default
2

Use SSH access to get the content, which gets away from the network-based password access. The 2-factor then protects website access, which is still very useful, especially given the admin actions which can happen there.

Every engineer at work has 2F plus SSH. Works well.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .