[TriEmbed] GitHub heads up: password logins go away August 13th

Wed Jan 27 11:36:34 CST 2021

Robert,

I hate to say this but everybody working with the same account is asking
for trouble.
The reason why I'm the only one to respond, at least with respond all, is
because there is no better solution but to have separate accounts.
I understand that you have no admin to seemingly solve the issue for you,
but that's the issue to solve not to get around it by trying to solve the
myriad of problems having only one account will cause.

If you really can't solve the single account problem then yes definitely
set up a local git repo, but that will take the talents of somebody that
really knows how git works. A central git repo is NOT set up like the one
you have locally in your working environment, it may need that elusive
admin for setting up.

~Carl

On Tue, Jan 26, 2021 at 5:55 PM Robert Mackie <rob at mackies.org> wrote:

> Hey Folks,
>
> Could use some insights from you.  My normal case - on a computer I own,
> or work at regularly and am the only user of, or on an account i own and am
> the only user of (home or work), it seems like tokens won't be a problem.
> In fact, they may make things even easier, day-to-day.
>
> I have 2 special cases - curious if you have any suggestions.
>
> *Case 1)* I coach an FRC team. Everyone on the team uses shared laptops
> with shared login. We don't have an IT staff to keep a login on each
> machine for each member of the team on each laptop or computer. So any
> suggestion that requires doing that isn't worth putting out there.  With
> passwords it was easy. Anyone could clone a repo, do work, push the work,
> and delete the repo - all they needed was their password - oh another
> aside, some of the students aren't at all sure they even want to learn to
> code so we want to keep the obstacles level as low as possible. requiring
> lots of expertise to access the code isn't really useful. Many of them have
> never used a command line, and the interest in doing so is still far in
> their future.
>
> So with a token on shared machines and shared accounts -* one solution* -
> everyone uses the same token and the same accounts. No one has a clue who
> put what code in the repo because the push always comes from that account.
> Any better solutions?
>
> *Case 2)* For me 0 I often find that I am in a situation where I'm on a
> machine that is not "my own machine" and may be on an account that is "not
> my account". Having non-confidential projects where they can be pulled in
> quickly is handy. I have open repos on github where confidentiality isn't
> an issue and can just clone a repo, so some work and push the work, and
> delete the local repo. if i forget to delete the local repo - no harm to me
> - they don't have my password, and the harm to them is just the need to
> delete a directory full of junk (whoever "them" is)  and if they do push
> some junk to my repo, given the repo IS version control - it would be
> generally pretty easy to undo the mess unless they were very nefarious.
>
> What is the easiest way to make a "token" portable (usb thumb?) and make
> sure it is never left behind on a machine that I don't control? It feels
> like losing control of the token is a bad thing.
>
> *Parting note:*
> I have to admit that I haven't taken the time to look and see if there are
> easy solutions. I'm hoping to get a free ride here on someone else's
> brilliance. So feel free to tell me my cases are "too special" and go fish
> on my own. :-) But if you have any suggestions, I'm interested.
>
> Rob.
> PS: I've seriously thought about just setting up a non github git repo in
> the cloud to solve some of these problems, but there are downsides to that
> as well. There is value to getting these students on github and aware of
> how all of that works. and Github has some nice features beyond simple git,
> and is publicly findable. (and someone else maintains it)
>
> On Tue, Jan 26, 2021 at 11:53 AM Carl Nobile via TriEmbed <
> triembed at triembed.org> wrote:
>
>> Sure,
>>
>> I already described in one of my previous tutorials how to actually get
>> the token, but not how to use it for normal SSH access.
>>
>> ~Carl
>>
>> On Tue, Jan 26, 2021 at 11:45 AM Pete Soper via TriEmbed <
>> triembed at triembed.org> wrote:
>>
>>> Been a long time since I hooked up for working with a GitHub repo (the
>>> day MS bought them) and I just got a message saying it's time to get
>>> with the the token, SSH thing.
>>>
>>> If anybody's interested I could take notes about how to make this
>>> transition, but it will be Linux-centric.
>>>
>>> -Pete
>>>
>>>
>>>
>>> _______________________________________________
>>> Triangle, NC Embedded Computing mailing list
>>>
>>> To post message: TriEmbed at triembed.org
>>> List info:
>>> http://mail.triembed.org/mailman/listinfo/triembed_triembed.org
>>> TriEmbed web site: http://TriEmbed.org
>>> To unsubscribe, click link and send a blank message: mailto:
>>> unsubscribe-TriEmbed at bitser.net?subject=unsubscribe
>>>
>>>
>>
>> --
>>
>> -------------------------------------------------------------------------------
>> Carl J. Nobile (Software Engineer)
>> carl.nobile at gmail.com
>>
>> -------------------------------------------------------------------------------
>> _______________________________________________
>> Triangle, NC Embedded Computing mailing list
>>
>> To post message: TriEmbed at triembed.org
>> List info:
>> http://mail.triembed.org/mailman/listinfo/triembed_triembed.org
>> TriEmbed web site: http://TriEmbed.org
>> To unsubscribe, click link and send a blank message: mailto:
>> unsubscribe-TriEmbed at bitser.net?subject=unsubscribe
>>
>>

-- 
-------------------------------------------------------------------------------
Carl J. Nobile (Software Engineer)
carl.nobile at gmail.com
-------------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.triembed.org/pipermail/triembed_triembed.org/attachments/20210127/0f9c8045/attachment.htm>