I need a lesson on gitlab security
Hal Murray
halmurray at sonic.net
Sun Mar 15 09:58:03 UTC 2026
Many years ago, I told gitlab my ssk public key and git push just worked.
A while ago, it started asking me for a password. Annoying, but no big
deal since I don't push very often. (There is a bug in the login popup.
Anybody know how to report things like that? It wants a user name, but
the typin box says password.]
Now, when I try it, I get this error blurb:
remote: HTTP Basic: Access denied. If a password was provided for Git
authentication, the password was incorrect or you're required to use a
token instead of a password. If a token was provided, it was either
incorrect, expired, or improperly scoped. See https://gitlab.com/help/topic
s/git/troubleshooting_git.md#error-on-git-fetch-http-basic-access-denied
I don't remember any announcement or discussion of this area. Did I miss
something? Can somebody give me quick lesson?
Is there a flag I can set to go back to useing ssh rather than HTTP?
I don't know anything about tokens. Is the token stuff the path of least
resistance? Why do I want one and/or why are they better than passwords?
--
These are my opinions. I hate spam.
More information about the devel
mailing list