Cloning is a very popular theme in science fiction literature and movies. Just look at one of the most famous brands, Star Wars and II episode of that saga – Attack of the Clones. This topic is also relevant in the real world, and probably everyone has heard of Dolly the sheep, the first cloned mammal. Since then, mankind has managed to clone, among others horse, pig or dog. But that’s not what we’re going to discuss today. We will focus on something else, after all, it is the IT world that interests us the most. Today we are going to learn something new about cloning Git repositories!

Discovering HTTPS

Let’s start by explaining what the famous HTTPS means, we’ll need it later. In short, it is the encrypted version of HTTP, period. But then what is HTTP? It is a protocol that works in client-server communication, thanks to which the Internet exists as we know it. HTTP supports different types of requests, depending on what we want to send, e.g. a specific resource or a completed form. What distinguishes these two protocols is the letter S, meaning Secure. Despite such a small difference in name, the difference in operation is huge because HTTPS is an encrypted connection! The TLS protocol is responsible for it, which first performs key exchange to verify the security of the connection, and only then the HTTP request is made.

Get free trial

Leaving security aside for a moment (I am surprised myself to say that), it is also worth taking a look at another reason for the popularity of HTTPS, namely Google algorithms. The positioning of the content is influenced by many factors, but one of them is the use of the encrypted version of the protocol. According to Google, this has a significant impact and it will certainly increase in the future, so it’s worth learning about and using this protocol.

Git clone with HTTPS

Now let’s move on to the clue of the program, which is the question posed at the beginning of the article. Our repository, such as Bitbucket, is available on the web at a specific address and the HTTP request allows us to download such a page and display it in the browser. This repository address is also the one used by Git. We need it because it is one of the parameters (and the only required one) of the clone function. How to clone github repository? To clone a repository we just need to type such command:

git clone <REPOSITORY_ADDRESS>

Let’s check it on the example of the most popular repository on GitHub. Specifically, it is freeCodeCamp, which has over 326k stars and over 26k forks.

To do clone with HTTPS, just go to the location where the repo is to be placed in the terminal and enter the following instruction:

git clone https://github.com/freeCodeCamp/freeCodeCamp.git

And that’s all. This can take a while as this particular project is quite sizable and Git has to download everything locally. However, when everything is successful, the repository will be cloned and we can start working on it. It is also worth paying attention to the suffix .git – it is not required and the address without it is also considered valid.

When we look at the repository through the browser, we find there is a sub-menu for cloning. There will be a couple of options, such as using a desktop application, downloading ZIP archive, and also copying addresses per protocol. The image below shows the default view with an HTTPS address on GitHub.

default view with an HTTPS address on GitHub

git clone whith HTTPS – saving credentials

To freely use such a cloned repository, i.e. to perform pull and push operations, we must enter our password each time to verify the connection. This can be cumbersome, so Git configuration allows you to remember the credentials. To do this, we need to set the appropriate value of the attribute credential.helper in the local Git configuration. I will just add that this option exists since version 1.7.10, so since 2012, which is quite a long time.

Setting up such a helper is simple, but there are several options for this configuration. One of them is CACHE. This option never saves our credentials to the hard disk of the computer, it only stores them in the OS cache. For security reasons, we can also set the timeout attribute, which will only temporarily remember our passwords.

git config credential.helper ‘cache ==timeout=3600’

Another type is STORE. This time our login details are saved on disk. Importantly, this file is not encrypted in any way, and the only protection is to restrict access to the file for the user who created the file.

git config credential.helper store

There is also another type, the so-called custom helpers. Here we can use 3rd party services or create our own way of storing credentials. Of course, this configuration method is more complicated and requires more knowledge, but it allows you to significantly increase the level of security.

Differences compared to SSH

Now let’s compare the pros and cons of using HTTPS in comparison to the SSH protocol. In short, SSH is a communication protocol that uses a pair of keys to establish a connection. You can learn more about creating a key pair and using them in working with repositories here: How to clone using SSH in Git?

All the popular hosting services used to work with Git allow us to use both HTTPS and SSH, so here we have a draw. The main difference, however, is the level of security. While HTTPS is encrypted and gives us a high level of security, SSH goes a step further and forces us to create a key pair and provide a public key to the website to establish a connection. This increases the level of control over access to repositories. The advantage here is definitely on the SSH side.

On the other hand, let’s analyze the setup time and the convenience of use. Here, HTTPS has the advantage, because it is enough to perform the clone operation with the appropriate address, enter the login/password and it’s ready. Setting up SSH requires us to first create a key pair and secondly add them in the right place. It may not be difficult or very time-consuming, but it is certainly easier to clone with HTTPS, especially for someone just entering the IT world.

HTTPSSSH
https://github.com/USER/REPO_NAME.gitgit@github.com:USER/REPO_NAME.git
GitHub credentials: user + passwordprivate key on local + public key on GitHub

Git clone with HTTPS – conclusion

I hope after reading this article it is clear how to do git clone with HTTPS.

This is the default method of cloning on most popular platforms such as GitHub or GitLab. We do not need any special configuration, all we need is an account and authorization with a login and password and github personal access tokens. Of course, when it comes to security, we start to notice some problems resulting from the use of this protocol, but the convenience and ease of use are its great advantages. The risk of losing the login and password is quite high, so it is worth taking steps to increase security, e.g. using two-step password authentication. Of course, as always, it is also worth backing up our repositories regularly in case a hacker takes over our passwords, and personal access token and removes or encrypts all our code in order to receive a ransom.

Before you go:

✍️ Subscribe to GitProtect DevSecOps X-Ray Newsletter and always stay up-to-date with the latest DevOps and security insights

👀 Discover what are the options to clone a Git repository and why it gives you more control over what you do

🔎 Check out what the difference between Git backup and Git clone and why the latter can’t substitute Git backup

📚 Find out how to clone using SSH in Git and why it is a good option for security reasons

📅 Scedule a live custom demo and learn more about GitProtect backups for your DevOps data protection

📌 Or try GitProtect backups for your DevOps tools to eliminate data loss and ensure workflow continuity

Comments are closed.

You may also like