On 11 December 2017 at 13:41, Donald Stufft <don...@stufft.io> wrote: > >> On Dec 11, 2017, at 8:04 AM, Paul Moore <p.f.mo...@gmail.com> wrote: >> >>> On 11 December 2017 at 12:29, Donald Stufft <don...@stufft.io> wrote: >>> >>> On Dec 11, 2017, at 7:03 AM, Paul Moore <p.f.mo...@gmail.com> wrote: >>> >>> Um, I use https not ssh, as for at least some of the time I'm behind a >>> firewall that only allows https, not ssh traffic. (I know, I'm sorry - >>> I can probably be the worst possible corner case for *any* suggestion >>> that gets made :-)) >>> >>> >>> >>> https://help.github.com/articles/providing-your-2fa-authentication-code/#through-the-command-line >> >> I use username and password and git credential manager. Uses the OS >> password store. I don't know of any way that 2FA integrates with that. >> If someone can tell me how it does (and it's as unobtrusive as, say >> gMail which only prompts me if I log on via a previously unused >> machine) then that's fine. Otherwise not so much. >> >> Paul > > > Did you read the linked section? You generate a limited scope access token > and use that in place of your password for command line usage via https.
Maybe I didn't understand it. Doesn't that leave me in precisely the same situation as a username/password, in that I have a single set of credentials I can use? Or is the fact that it's tied to the specific machine the point here? If so, then thanks, I can certainly use that should someone decide that mandating 2FA is a good idea (I still maintain that recommended but not mandatory is better, as my GH account is not used solely for CPython development, so making such a change has wider effects than just for this project). Paul _______________________________________________ python-committers mailing list python-committers@python.org https://mail.python.org/mailman/listinfo/python-committers Code of Conduct: https://www.python.org/psf/codeofconduct/
