hub clone should use HTTPS instead of SSH by default so the GCM can be used

[jamy015]

When interacting with a GitHub repo via HTTPS, the Git Credential Manager for Windows is used by default (it is installed by default with Git for Windows). The GCM is great, because it supports GitHub 2FA, so you don't need to create a token or SSH key but can just log in with your username, password and 2FA token.

However, hub clone uses the SSH URL of the repo by default (instead of the HTTPS URL). This means that when a user installs hub and blindly does a hub clone on a repo, they won't be able to use the GCM (and thus will need to do extra configuration if they have 2FA set up).

This seems like an oversight. Therefore, I propose using HTTPS instead of SSH by default (at least on Windows).

[mislav]

Thanks for suggesting. I have already planned to switch to HTTPS by default, but no open issue to track that exists except a brief discussion in #1318.

In the meantime you can do:

git config --global hub.protocol https

[darrenwee]

I'm interested in taking up this issue since it's in the hub 2.3 project. Should the behavior be like in #1318 where all remote URLs use https or should only hub clone be affected?

[mislav]

@darrenwee All URLs across the board should be affected. Changing this shouldn't be too much work in the implementation itself, but it will break a lot of tests. Let me know how it goes!

[gayanhewa]

How to I revert back to making ssh urls default for hub?

[mpacer]

@gayanhewa my guess is you can edit your global gitconfig (on OSX it's at ~/.gitconfig) and remove the line

[hub]
	protocol = https

[johnk-novu]

@mpacer I have the same question as @gayanhewa, how would I make hub default to SSH (not HTTPS). I tried

git config --global hub.protocol ssh

but am still prompted for https credentials and MFA. any thoughts? I am a brand new hub user, so maybe I am missing something obvious :)

[mislav]

but am still prompted for https credentials and MFA.

@johnk-novu You will still be prompted for HTTPS credentials on first run because hub needs to access the GitHub API, and it can only do so over HTTPS and not SSH (the latter is used for git operations such as clone, pull, push). #1644 (comment)

[johnk-novu]

@mislav ah, that makes sense. thanks so much!

[jedwards1211]

@mislav I want to add a section about the hub.protocol config to the documentation website in a PR -- where are the file(s) for the documentation website?

[mislav]

@jedwards1211 The site is the gh-pages branch of this repository.

[jedwards1211]

Thanks!

[rbavery]

Doing git config --global hub.protocol https still doesn't seem to change all hub commands from using ssh because afterwards I ran
hub create -d "Scripts for temporal mixture analysis project"

and the remote urls didn't use https

origin	git@github.com:rbavery/temporal_mixing.git (fetch)
origin	git@github.com:rbavery/temporal_mixing.git (push)

[mislav]

@rbavery We have a test that verifies that HTTPS is respected when using hub create https://github.com/github/hub/blob/7b02a665ddacd885ad017a7c6904e662c8417bf8/features/create.feature#L51-L53

Are you on the latest version?

[rbavery]

I found this was left over from before I had changed the default protocol, all good!

[friederbluemle]

Seems like this issue can be closed, as it has been addressed in #2939 🎉

[paulwratt]

probably should be another release then, current one is 2020