Jeff King | 71e1b4b | 2011-12-10 05:34:44 -0500 | [diff] [blame] | 1 | git-credential-store(1) |
| 2 | ======================= |
| 3 | |
| 4 | NAME |
| 5 | ---- |
Jeff King | c6632eb | 2012-08-08 14:34:49 -0400 | [diff] [blame] | 6 | git-credential-store - Helper to store credentials on disk |
Jeff King | 71e1b4b | 2011-12-10 05:34:44 -0500 | [diff] [blame] | 7 | |
| 8 | SYNOPSIS |
| 9 | -------- |
| 10 | ------------------- |
Robert P. J. Day | de61305 | 2018-05-24 16:11:39 -0400 | [diff] [blame] | 11 | git config credential.helper 'store [<options>]' |
Jeff King | 71e1b4b | 2011-12-10 05:34:44 -0500 | [diff] [blame] | 12 | ------------------- |
| 13 | |
| 14 | DESCRIPTION |
| 15 | ----------- |
| 16 | |
| 17 | NOTE: Using this helper will store your passwords unencrypted on disk, |
| 18 | protected only by filesystem permissions. If this is not an acceptable |
| 19 | security tradeoff, try linkgit:git-credential-cache[1], or find a helper |
| 20 | that integrates with secure storage provided by your operating system. |
| 21 | |
| 22 | This command stores credentials indefinitely on disk for use by future |
Thomas Ackermann | 2de9b71 | 2013-01-21 20:17:53 +0100 | [diff] [blame] | 23 | Git programs. |
Jeff King | 71e1b4b | 2011-12-10 05:34:44 -0500 | [diff] [blame] | 24 | |
| 25 | You probably don't want to invoke this command directly; it is meant to |
| 26 | be used as a credential helper by other parts of git. See |
| 27 | linkgit:gitcredentials[7] or `EXAMPLES` below. |
| 28 | |
| 29 | OPTIONS |
| 30 | ------- |
| 31 | |
Jeff King | e50cd67 | 2014-11-06 02:40:32 -0500 | [diff] [blame] | 32 | --file=<path>:: |
Jeff King | 71e1b4b | 2011-12-10 05:34:44 -0500 | [diff] [blame] | 33 | |
Paul Tan | 44b2289 | 2015-03-24 13:20:28 +0800 | [diff] [blame] | 34 | Use `<path>` to lookup and store credentials. The file will have its |
Jeff King | 71e1b4b | 2011-12-10 05:34:44 -0500 | [diff] [blame] | 35 | filesystem permissions set to prevent other users on the system |
Elijah Newren | 8936352 | 2023-10-08 06:45:07 +0000 | [diff] [blame] | 36 | from reading it, but it will not be encrypted or otherwise |
Paul Tan | 44b2289 | 2015-03-24 13:20:28 +0800 | [diff] [blame] | 37 | protected. If not specified, credentials will be searched for from |
| 38 | `~/.git-credentials` and `$XDG_CONFIG_HOME/git/credentials`, and |
| 39 | credentials will be written to `~/.git-credentials` if it exists, or |
| 40 | `$XDG_CONFIG_HOME/git/credentials` if it exists and the former does |
| 41 | not. See also <<FILES>>. |
| 42 | |
| 43 | [[FILES]] |
| 44 | FILES |
| 45 | ----- |
| 46 | |
Matthieu Moy | bcf9626 | 2016-06-28 13:40:11 +0200 | [diff] [blame] | 47 | If not set explicitly with `--file`, there are two files where |
Paul Tan | 44b2289 | 2015-03-24 13:20:28 +0800 | [diff] [blame] | 48 | git-credential-store will search for credentials in order of precedence: |
| 49 | |
| 50 | ~/.git-credentials:: |
| 51 | User-specific credentials file. |
| 52 | |
| 53 | $XDG_CONFIG_HOME/git/credentials:: |
| 54 | Second user-specific credentials file. If '$XDG_CONFIG_HOME' is not set |
| 55 | or empty, `$HOME/.config/git/credentials` will be used. Any credentials |
| 56 | stored in this file will not be used if `~/.git-credentials` has a |
| 57 | matching credential as well. It is a good idea not to create this file |
| 58 | if you sometimes use older versions of Git that do not support it. |
| 59 | |
| 60 | For credential lookups, the files are read in the order given above, with the |
| 61 | first matching credential found taking precedence over credentials found in |
| 62 | files further down the list. |
| 63 | |
| 64 | Credential storage will by default write to the first existing file in the |
| 65 | list. If none of these files exist, `~/.git-credentials` will be created and |
| 66 | written to. |
| 67 | |
| 68 | When erasing credentials, matching credentials will be erased from all files. |
Jeff King | 71e1b4b | 2011-12-10 05:34:44 -0500 | [diff] [blame] | 69 | |
| 70 | EXAMPLES |
| 71 | -------- |
| 72 | |
| 73 | The point of this helper is to reduce the number of times you must type |
| 74 | your username or password. For example: |
| 75 | |
| 76 | ------------------------------------------ |
| 77 | $ git config credential.helper store |
| 78 | $ git push http://example.com/repo.git |
| 79 | Username: <type your username> |
| 80 | Password: <type your password> |
| 81 | |
| 82 | [several days later] |
| 83 | $ git push http://example.com/repo.git |
| 84 | [your credentials are used automatically] |
| 85 | ------------------------------------------ |
| 86 | |
| 87 | STORAGE FORMAT |
| 88 | -------------- |
| 89 | |
| 90 | The `.git-credentials` file is stored in plaintext. Each credential is |
| 91 | stored on its own line as a URL like: |
| 92 | |
| 93 | ------------------------------ |
| 94 | https://user:pass@example.com |
| 95 | ------------------------------ |
| 96 | |
Junio C Hamano | 20b4964 | 2020-04-28 11:15:15 -0700 | [diff] [blame] | 97 | No other kinds of lines (e.g. empty lines or comment lines) are |
| 98 | allowed in the file, even though some may be silently ignored. Do |
| 99 | not view or edit the file with editors. |
| 100 | |
Thomas Ackermann | 2de9b71 | 2013-01-21 20:17:53 +0100 | [diff] [blame] | 101 | When Git needs authentication for a particular URL context, |
Jeff King | 71e1b4b | 2011-12-10 05:34:44 -0500 | [diff] [blame] | 102 | credential-store will consider that context a pattern to match against |
| 103 | each entry in the credentials file. If the protocol, hostname, and |
| 104 | username (if we already have one) match, then the password is returned |
Thomas Ackermann | 2de9b71 | 2013-01-21 20:17:53 +0100 | [diff] [blame] | 105 | to Git. See the discussion of configuration in linkgit:gitcredentials[7] |
Jeff King | 71e1b4b | 2011-12-10 05:34:44 -0500 | [diff] [blame] | 106 | for more information. |
| 107 | |
| 108 | GIT |
| 109 | --- |
| 110 | Part of the linkgit:git[1] suite |