Read Anthropic’s case study about Graphite Reviewer

Git clone SSH vs HTTPS

Greg Foster
Greg Foster
Graphite software engineer


Note

This guide explains this concept in vanilla Git. For Graphite documentation, see our CLI docs.


Git clone SSH vs HTTPS

Cloning a Git repository is a crucial skill for any developer, enabling you to download existing Git repositories to your local machine. There are two primary protocols for cloning repositories: SSH (Secure Shell), and HTTPS (Hypertext Transfer Protocol Secure). Each method has its own set of advantages, setup requirements, and use cases. Understanding the differences between cloning with SSH vs. HTTPS can help you choose the most suitable approach for your workflow.

SSH is a protocol that provides a secure channel over an unsecured network in a client-server architecture, offering both authentication and encryption.

When you clone a Git repository using SSH, you authenticate to the server without having to provide your username or password at each visit.

Join 20,000+ developers at top companies
Stop wrestling with Git commands
The Graphite CLI takes all the pain out of Git, allowing you to ship faster and stop googling Git commands.
main
diff1
diff2
  • Security: SSH keys provide a more secure way of logging into a server than using a password alone.

  • Convenience: Once your SSH key is set up, you don't need to enter your credentials every time you push or pull from the repository.

  1. Generate an SSH Key Pair:

    • On your local machine, generate a new SSH key pair by running ssh-keygen in your terminal. You can specify a file location for the key and a passphrase for extra security.
  2. Add the SSH key to GitHub:

    • In the GitHub web portal, navigate to Settings > SSH and GPG keys > New SSH key, paste your public key, and save.
  1. Open your terminal.

  2. Execute the command to start the ssh-agent in the background: This command should display a message indicating that the agent has started, along with its process ID.

Terminal
eval "$(ssh-agent -s)"
  1. Check if the SSH config file exists: Use open ~/.ssh/config to see if the file exists. If it doesn't, you will need to create it.

  2. Create the SSH config file if necessary: Use touch ~/.ssh/config to create the file.

  3. Open the config file: You can use a text editor to open the file, e.g., vim ~/.ssh/config

  4. Modify the config file: Add the following lines to the file, adjusting the IdentityFile path if your SSH key has a different name or location:

Terminal
Host github.com
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_ed25519
  • Note: If you didn't set a passphrase for your key, omit the UseKeychain yes line. If you encounter a configuration error, try adding IgnoreUnknown UseKeychain under a specific Host definition.
  1. Add your SSH private key to the ssh-agent: Use the following command, ensuring to replace id_ed25519 with the name of your key.
Terminal
ssh-add --apple-use-keychain ~/.ssh/id_ed25519
  • This adds your SSH key to the ssh-agent and stores your passphrase in the keychain, making it so you don't have to enter the passphrase every time the key is used.

  • Note: The -apple-use-keychain option helps store the passphrase in your keychain when adding an SSH key to the ssh-agent. If you do not have a passphrase or are not using an Apple device, adjust the command accordingly.

Join 20,000+ developers at top companies
The best engineers use Graphite to simplify Git
Engineers at Vercel, Snowflake & The Browser Company are shipping faster and staying unblocked with Graphite.
main
diff1
diff2
  • If you're prompted for the passphrase despite these steps, you may need to add the ssh-add command to your shell profile file (~/.zshrc or ~/.bash_profile).

  • Ensure you're using the correct path and filename for your SSH key when executing the ssh-add command.

This guide focuses on adding an existing SSH key to the ssh-agent, especially for macOS users. For users on other operating systems, the steps are similar, but the command to start the ssh-agent and the method to edit the SSH config file might differ.

  • Find the SSH URL of the repository and run: git clone git@github.com:user/repository.git

  • Make sure to replace github.com:user/repository.git with the actual path to your repository.

  • Specify an SSH key: If you want to use a specific SSH key, you can modify the ssh command using the i option: ssh -i /path/to/private/key.

  • For Git operations, set the GIT_SSH_COMMAND environment variable: export GIT_SSH_COMMAND="ssh -i /path/to/private/key".

  • Debugging SSH: Use ssh -T git@github.com (replace github.com with your Git server) to test your SSH connection.

HTTPS is a protocol for secure communication over a computer network. In the context of Git, it is used to securely transfer repository data over the internet.

  • Ease of setup: Cloning with HTTPS is straightforward and doesn't require setting up SSH keys.

  • Universally accessible: HTTPS cloning works through firewalls and proxy servers.

  1. Clone the Repository:

    • Find the HTTPS URL of the repository and run: git clone <https://github.com/user/repository.git>

    • Replace https://github.com/user/repository.git with the actual path to your repository.

  • Credential caching: To avoid entering your username and password with every push/pull, you can use a credential helper: git config --global credential.helper cache.

  • Two-factor authentication (2FA): If you have 2FA enabled, you'll need to generate a personal access token and use that instead of your password.

  • Use SSH when:

    • You need a secure method without entering your credentials frequently.

    • You have direct access to the server or have the ability to add SSH keys to your Git server.

  • Use HTTPS when:

    • You prefer a setup that works immediately without generating SSH keys.

    • You are working behind a firewall or proxy that restricts SSH traffic.

Both SSH and HTTPS are secure methods to clone and interact with Git repositories, each with its own set of advantages. Your choice between SSH and HTTPS may depend on your specific needs for security, convenience, and the setup you're willing to do.

Graphite
Git stacked on GitHub

Stacked pull requests are easier to read, easier to write, and easier to manage.
Teams that stack ship better software, faster.

Or install our CLI.
Product Screenshot 1
Product Screenshot 2