From: Derrick Stolee <stolee@gmail.com>
To: "lilinchao@oschina.cn" <lilinchao@oschina.cn>, git <git@vger.kernel.org>
Cc: Jeff King <peff@peff.net>, mjcheetham@github.com
Subject: Re: [QUESTION]Is it possible that git would support two-factor authentication?
Date: Wed, 11 Aug 2021 09:54:03 -0400 [thread overview]
Message-ID: <7c5df686-79ad-1cd8-6f14-d97e1b88bbfb@gmail.com> (raw)
In-Reply-To: <66e42438fa9311ebaeb60026b95c99cc@oschina.cn>
On 8/11/2021 7:00 AM, lilinchao@oschina.cn wrote:
> Many websites support two-factor authentication(2FA) to log in, like Github, I wander if we can support it in application layer.
> When client clone something, they need input username and password, it is like a website login process. For security, we can
> enable 2FA during this process.
Typically, this is handled at the credential helper layer, which
is a tool outside of the Git codebase that can more closely work
with such 2FA/MFA requirements. For example, GCM Core [1] supports
2FA with GitHub, Azure DevOps, and BitBucket.
[1] https://github.com/microsoft/Git-Credential-Manager-Core
The mechanism is that Git attempts an operation and gets an error
code, so it asks for a credential from the helper. The helper
then communicates with the server to do whatever authentication
is required, including possibly performing multi-factor auth.
All of these details are hidden from Git, which is good.
I've CC'd Matthew Cheetham who is the maintainer of GCM Core to
correct me if I misstated anything here.
Thanks,
-Stolee
next prev parent reply other threads:[~2021-08-11 13:56 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-11 11:00 [QUESTION]Is it possible that git would support two-factor authentication? lilinchao
2021-08-11 13:50 ` Konstantin Ryabitsev
2021-08-11 15:23 ` Theodore Ts'o
2021-08-13 22:56 ` brian m. carlson
2021-08-11 13:54 ` Derrick Stolee [this message]
[not found] ` <9b199de2faab11eba548a4badb2c2b1195555@gmail.com>
2021-08-13 7:49 ` lilinchao
2021-08-14 22:02 ` Johannes Schindelin
[not found] ` <BEBB4A79-9773-4701-A8C5-06C20AB42686@github.com>
[not found] ` <1F2C610F-8800-466A-A0CA-7A6068A14805@github.com>
[not found] ` <D8CFA50F-266A-4995-8058-D29A2D490D5F@github.com>
2021-08-17 10:19 ` Matthew Cheetham
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7c5df686-79ad-1cd8-6f14-d97e1b88bbfb@gmail.com \
--to=stolee@gmail.com \
--cc=git@vger.kernel.org \
--cc=lilinchao@oschina.cn \
--cc=mjcheetham@github.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).