--- title: 3-github-authentication-from-terminal --- # GitHub Authentication from the Terminal: Tokens vs. SSH ## Why we're walking through this topic Many people first run into GitHub authentication *after* they have successfully created a repository and started working locally. The confusion usually appears at the same moment: > “I ran `git push`, Git asked for a password, and my GitHub password didn’t work.” This document explains **why that happens**, what a **token** is, how to create one on GitHub, and when you might (or might not) want to think about **SSH** instead. The goal is conceptual clarity—not memorizing UI clicks. --- ## The key change to know about GitHub no longer allows your **account password** to be used for Git operations in the terminal. Instead, GitHub requires: - a **Personal Access Token (PAT)** when using HTTPS, or - an **SSH key** when using SSH This is a security feature, not a mistake on your part. --- ## Mental model: what Git is asking for When you run: ```bash git push ``` Git is essentially asking GitHub: > “I want to update this repository. Is that allowed?” GitHub replies: > “Only if you can prove who you are.” That proof can take different forms: - a **token** (most common for beginners) - an **SSH key** (more advanced, but convenient long-term) --- ## What a GitHub token is (plain language) A **Personal Access Token** is: - a *password substitute* used by tools like Git - limited in scope (you choose what it can do) - revocable at any time - safer than using your real password A helpful way to think about it: > **Your GitHub password proves who *you* are.** > **A token is a key you hand to Git so it can act on your behalf.** Git never knows it’s a token—it just passes the string to GitHub. --- ## When you need a token (and when you might not) You usually need a token if: - you are using Git from the **terminal**, and - your repository URL starts with `https://github.com/...` You may *not* notice tokens if: - your IDE handled authentication for you - Git cached credentials from earlier work - you are using SSH instead of HTTPS Tokens often appear at the moment you push *for the first time*. --- ## How to create a token on GitHub (text-only walkthrough) GitHub’s interface changes occasionally, but the structure is stable. You can navigate it reliably using these labels. 1. Log in to GitHub 2. Click your **profile picture** (top-right) 3. Choose **Settings** 4. In the left sidebar, scroll down to **Developer settings** 5. Click **Personal access tokens** 6. Choose **Tokens (classic)** (this is the simplest option for Git) 7. Click **Generate new token** When configuring the token: - Give it a **descriptive name** (e.g., “Terminal Git access”) - Set an **expiration** (30–90 days is reasonable) - Under scopes, check **repo** (this is usually sufficient) GitHub will then show you the token **once**. > Copy it and store it securely. You won’t be able to view it again. If GitHub’s wording changes slightly, look for terms like *Developer settings*, *Personal access tokens*, or *Generate token*—those anchors are consistent. --- ## Using the token when Git asks for a password The next time you run: ```bash git push ``` You may see: ```text Username for 'https://github.com': Password for 'https://github.com': ``` Enter: - **Username** → your GitHub username - **Password** → paste the token That’s it. Git will usually store the token using your system’s credential helper, so you won’t need to enter it again. --- ## Tokens vs. SSH: when should you care? ### Use a token if: - You are new to Git/GitHub - You want the simplest setup - You are following most online tutorials - You don’t want to manage key files Tokens are perfectly fine for most users. --- ### Consider SSH if: - You use Git daily - You work across many repositories - You’re tired of authentication prompts - You’re comfortable with a bit of setup SSH uses a key pair stored on your machine and avoids tokens entirely—but it adds conceptual overhead. > Recommendation: **start with tokens**. Switch to SSH later *only if* you feel the friction. --- ## Common worries (and reassurance) **“Will I break something if I do this wrong?”** No. Failed authentication just fails safely. **“Is this less secure than my password?”** No—tokens are *more* secure because they are limited and revocable. **“Why didn’t GitHub accept my password?”** Because GitHub intentionally disabled that option. --- ## Summary - GitHub requires **tokens or SSH**, not passwords, for terminal access - Tokens are the simplest, safest starting point - You create a token once and reuse it - GitHub authentication is explicit by design—it gives you control > If this feels complicated at first, that’s normal. Once set up, it usually fades into the background.