Skip to content

Instantly share code, notes, and snippets.

@dmitshur
Last active December 29, 2024 12:06
Show Gist options
  • Save dmitshur/6927554 to your computer and use it in GitHub Desktop.
Save dmitshur/6927554 to your computer and use it in GitHub Desktop.
[Legacy GOPATH mode] How to `go get` private repos using SSH key auth instead of password auth.

WARNING: If you're reading this in 2021 or later, you're likely better served by reading:

(This gist was created in 2013 and targeted the legacy GOPATH mode.)

$ ssh -A vm
$ git config --global url."[email protected]:".insteadOf "https://github.com/"
$ cat ~/.gitconfig
[url "[email protected]:"]
	insteadOf = https://github.com/
$ go get github.com/private/repo && echo Success!
Success!

Sources:

@AlexanderPavlenko
Copy link

Credentials may be stored in the ~/.git-credentials file.

git config --global credential.helper store
echo "https://${GITHUB_TOKEN}:[email protected]" >> ~/.git-credentials

git:// protocol is less secure

git config --global url."https://github.com".insteadOf git://github.com

@akillmer
Copy link

akillmer commented Feb 3, 2017

I got a Raspberry Pi that I wanted to go get some private repos with; after trying a few different solutions it was the one suggested by @bobziuchkovski that did the trick -- thank you! (FWIW, using Git 2.11 and Golang 1.7.5 linux/arm)

@nikhilmahesh
Copy link

Thanks @bobziuchkovski , Your solution helped !

@dcyou
Copy link

dcyou commented Mar 22, 2017

Thanks too @bobziuchkovski

@likewei92
Copy link

I think @AlexanderPavlenko's solution is much better. Thanks!

@AndrewSav
Copy link

@AlexanderPavlenko

git:// protocol is less secure

Sorry, what? Where did you read that?

@elyscape
Copy link

elyscape commented Mar 1, 2018

@AndrewSav From Pro Git:

[The Git protocol] listens on a dedicated port (9418) that provides a service similar to the SSH protocol, but with absolutely no authentication.
[...]
The downside of the Git protocol is the lack of authentication. It’s generally undesirable for the Git protocol to be the only access to your project. Generally, you’ll pair it with SSH or HTTPS access for the few developers who have push (write) access and have everyone else use git:// for read-only access.

This is why git+ssh:// and git+https:// exist.

@hookover
Copy link

hookover commented Nov 7, 2019

I want to use only the ssh protocol
The server supports only ssh and http protocols, not git protocols

#git ls-remote ssh://[email protected]/INA_financial/common_libs.git

2ca7f8d2d53331655bb18cd91906772cb5c4dcc0        HEAD
2ca7f8d2d53331655bb18cd91906772cb5c4dcc0        refs/heads/master
436b69c6abbc6f923232877616dfb7d46eb9d22b        refs/tags/v0.1.0
bc8a543429123241493923ea9ee0214d7294c362        refs/tags/v0.1.0^{}
f1b5d04d313e9e8336a135a1e13cde3b2a5d26ec        refs/tags/v0.2.0
22b4290b0c924378a38ce04bc2b7cad21ba297c3        refs/tags/v0.2.0^{}

cat ~/.gitconfig

[user]
        email = [email protected]
[url "ssh://[email protected]:"]
        insteadOf = https://git.a.com

#env GIT_TERMINAL_PROMPT=1 go get -v git.a.com/INA_financial/common_libs.git

verifying git.a.com/INA_financial/[email protected]: git.a.com/INA_financial/[email protected]: reading https://sum.golang.org/lookup/git.a.com/!i!n!a_financial/[email protected]: 410 Gone

=========================================================================================

cat ~/.gitconfig

[user]
        email = [email protected]
[url "ssh://[email protected]:"]
        insteadOf = http://git.a.com   //change from https to http

#go get -v -insecure git.a.com/INA_financial/common_libs.git

# cd .; git ls-remote git://git.a.com/INA_financial/common_libs
fatal: unable to connect to git.a.com:
git.a.com[0: 54.255.254.175]: errno=Connection refused

get "git.a.com/INA_financial": found meta tag get.metaImport{Prefix:"git.a.com/INA_financial", VCS:"git", RepoRoot:"http://git.a.com/INA_financial.git"} at //git.a.com/INA_financial?go-get=1
# cd .; git ls-remote https://git.a.com/INA_financial/common_libs
fatal: unable to access 'https://git.a.com/INA_financial/common_libs/': Failed to connect to git.a.com port 443: Connection refused
get "git.a.com": found meta tag get.metaImport{Prefix:"git.a.com", VCS:"git", RepoRoot:"http://git.a.com.git"} at //git.a.com/?go-get=1
go get git.a.com/INA_financial/common_libs.git: git ls-remote -q http://git.a.com/INA_financial.git in /Users/jack/go/pkg/mod/cache/vcs/8dbf799342ee3e0c5c7ad8a0b4d6b190efeb7355c25556ab50721c2f4014c1e2: exit status 128:
        GitLab: The project you were looking for could not be found.
        fatal: Could not read from remote repository.
        
        Please make sure you have the correct access rights
        and the repository exists.

@g00nix
Copy link

g00nix commented Jul 5, 2020

I have the same issue as @hookover

@lempzz
Copy link

lempzz commented Jul 27, 2020

The @bobziuchkovski's comment wasn't help me.

But i'm tried to execute next commands:

git config --global url."https://<username>:<access_token>@private-git.com/".insteadOf "https://private-git.com/"

go get private-git.com/owner/repo

@g00nix
Copy link

g00nix commented Jul 27, 2020

As a note to everybody here. When adding the overwrite to .gitconfig like so:

[url "ssh://[email protected]/"]
	insteadOf = "https://example.com/"

you will also need your env var:

export GOPRIVATE="example.com"

This should actually be part of the official docs.

@bhundven
Copy link

bhundven commented Jul 31, 2020

hrm, what about sub-projects on gitlab?

$ go get gitlab.com/SomeOrg/sub-project/project
# cd .; git clone -- https://gitlab.com/SomeOrg/sub-project.git /home/bhundven/go/src/gitlab.com/SomeOrg/sub-project
Cloning into '/home/bhundven/go/src/gitlab.com/SomeOrg/sub-project'...
Warning: Permanently added 'gitlab.com,172.65.251.78' (ECDSA) to the list of known hosts.
remote: 
remote: ========================================================================
remote: 
remote: The project you were looking for could not be found.
remote: 
remote: ========================================================================
remote: 
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
package gitlab.com/SomeOrg/sub-project/project: exit status 128

Tried:

[url "[email protected]:SomeOrg"]
        insteadOf = https://gitlab.com/SomeOrg

@bhundven
Copy link

Maybe not an issue for here, but for here: https://gitlab.com/gitlab-org/gitlab-foss/-/issues/30785

@XVilka
Copy link

XVilka commented Dec 8, 2020

For those who will meet with the same problem: git config --global url."[email protected]:".insteadOf "https://github.com/" works but the local version (git config --local url."[email protected]:".insteadOf "https://github.com/") - doesn't. Likely a git bug.

@no1xsyzy
Copy link

no1xsyzy commented Feb 11, 2021

@XVilka Did you try add local config to $GOPATH/src/github.com/private/repo (by cd into it first)? In fact the local config of that repo is loaded, instead of the repo that you are working on now.

@dmitshur
Copy link
Author

This is a very old gist and may not be applicable by now. I added a warning to the top:

WARNING: This gist was created in 2013 and targets the legacy GOPATH mode. If you're reading this in 2021 or later, you're likely better served by reading https://tip.golang.org/cmd/go/#hdr-Configuration_for_downloading_non_public_code and https://golang.org/ref/mod#private-modules.

@moihn
Copy link

moihn commented May 11, 2021

For those who will meet with the same problem: git config --global url."[email protected]:".insteadOf "https://github.com/" works but the local version (git config --local url."[email protected]:".insteadOf "https://github.com/") - doesn't. Likely a git bug.

I encountered the same issue, even if I tried to setup environment variable GIT_CONFIG to point to my local git config file, it is ignored... Do you have a solution that avoids using global ~/.gitconfig file now?

@StevenACoffman
Copy link

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment