cityofaustin / ctm-dev-workflow

[Draft] Guides & best practices for application development at CoA

Document policy around ssh vs https access to GitHub #22

Closed: mattlangan closed this 7 years ago

mattlangan commented 7 years ago

Some devs clone via https (which is authed via username + password), others via SSH (authed via public/private key set and optional passphrase for the private key).

On Windows machines there doesn't appear to be a way to store the SSH passphrase permanently, meaning devs have to re-authenticate at least once per working session (the cached passphrase is lost either upon shell restart or system restart, not entirely clear on this yet). Even getting basic temporary storage requires some hurdles and possible manual command prompts. I've tried to use a mix of ssh-agent, SourceTree, and GitHub client for Windows to smooth out this security flow, but nothing's worked yet, and my GoogleStackOverflowing leads me to conclude there's no way to replicate the seamless functionality offered on OS X.

For some reason I recall an SSH passphrase being required, but I can't remember if that was related to my CoA work or for something else like Heroku.

I haven't tested the https flow but it appears that it's a more seamless way to connect via Windows, and that the user/pass set can be stored so it doesn't have to be re-entered for every push or pull, or upon restart.

Before diving more into these, I think it would be good for the security team to weigh in on this stuff from their perspective, and possibly define a best practice that I will then transpose into these docs.

mattlangan commented 7 years ago

Tarek didn't express a preference here, so I just put HTTPS instructions in and noted that SSL is still an option but will not be supported by documentation for the moment.

Published at https://cityofaustin.github.io/ctm-dev-workflow/local-environment.html#store-your-github-credentials-so-you-dont-have-to-provide-them-for-every-request