Microsoft Open-Sources Git Credential Manager for Mac and Linux

As has been mentioned (repeatedly) this obviously has no use for people using SSH. Indeed, the goal of this tool is explicitly to be helpful for cloud-hosted repositories in Visual Studio Team Services (formerly Visual Studio Online). This is helpful for teams that enforce two-factor authentication over HTTPS. The article assumes a bit of knowledge about this, but does indeed mention this:<p>&gt; We ported this tool to Mac and Linux to simplify their authentication to remote Git repositories, in particular those hosted in Visual Studio Team Services (VSTS).

&gt; Are you tired of typing in a user name and password every time you fetch from or push to remote Git repositories?<p>No, because SSH.

&gt; Are you tired of typing in a user name and password every time you fetch from or push to remote Git repositories?<p>No?

This is not yet for those who use SSH. It&#x27;s for situations where multi-factor authentication is required, including SMS, phone call, etc. SSH support on VSTS Git repos is coming soon: <a href="https:&#x2F;&#x2F;visualstudio.uservoice.com&#x2F;forums&#x2F;121579-visual-studio-2015&#x2F;suggestions&#x2F;3801342-add-support-for-ssh-keys-as-alternate-authenticati" rel="nofollow">https:&#x2F;&#x2F;visualstudio.uservoice.com&#x2F;forums&#x2F;121579-visual-stud...</a>

I am baffled why would they try to port this for Mac &#x2F; Linux which already has SSH functionality built-in. It can make sense on Windows where there is no equivalent, by default.

I like the idea of adding second-factor authentication to your Git credentials. But doing this using OAuth to a cloud service just seems like the wrong approach. Use SSH keys, and then either (a) set a good password on your key, or (b) store the key on a hardware token, like a Yubikey. [1]<p>I think the big problem here is that they&#x27;re using HTTP(S) as a transport for Git. And there&#x27;s just not very many options left for layering on extra security if you do that.<p>[1]: I&#x27;m a big fan of Yubikeys for credential storage. You can put them in PGP Smartcard mode, and then use the PGP key with SSH: <a href="https:&#x2F;&#x2F;www.esev.com&#x2F;blog&#x2F;post&#x2F;2015-01-pgp-ssh-key-on-yubikey-neo&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.esev.com&#x2F;blog&#x2F;post&#x2F;2015-01-pgp-ssh-key-on-yubike...</a>

Remember Microsoft&#x27;s patented triple-e tactic:<p>1. Embrace<p>2. Extend<p>3. Extinguish<p>We&#x27;re at step 2. They&#x27;ve gotten pretty fast at it, I must say.

OAuth for SSH? What the hell are you guys doing? No, stop. <i>Stop.</i> Drop it. Go back to the drawing board and learn what SSH can do apart from password and public key auth (hint: Everything from challenge-response schemes to Kerberos).

honestly this is just sad

Off-topic, but personally what I would really like to have is for my password manager (1Password) to manage the ssh keys.

On the front page:<p>3 mentions of Visual Studio, 2 mentions of Microsoft, 1 mention of ASP.NET<p>Yes, yes, yes Microsoft are still bleeding edge with the software :)