Using HTTPS or SSH with GitHub

I’d like to know what is the best way to connect to a GitHub repository between HTTPS and SSH. Apparently GitHub seems to recommend HTTPS over SSH:

If you have decided not to use the recommended HTTPS method, we can use SSH keys to establish a secure connection between your computer and GitHub. The steps below will walk you through generating an SSH key and then adding the public key to your GitHub account.

  • Target location for project “ ” already exists, can not move project
  • Git: how to remove history before a specific commit
  • Git (windows); P4merge as mergetool error
  • Line history viewer - Git
  • Asking git to look for different key other than id_rsa
  • GIT - branches not closing after merge
  • Yet I see no reason why HTTPS would actually be better than SSH. SSH should be more secure than HTTPS normally. So why would GitHub recommend HTTPS?

  • Should I have to add files to git every time I want to commit?
  • Git commit against tag with no branch
  • How to use specified key when working with github via portablegit?
  • Git showing identical files as changed
  • Visual Studio 2010 git source control provider
  • Github clone error
  • 2 Solutions collect form web for “Using HTTPS or SSH with GitHub”

    https is easier to use than ssh.

    With ssh, you need to:

    • generate a public/private key
    • publish it on GitHub
    • launch (if you really want security) an ssh-agent to enter the passphrase you would have associated to your private key.

    https just reuse the GitHub credential you already have.
    If you don’t want to enter your GitHub password for each git command, you can store those credentials in an encrypted ~/.netrc.gpg (or %HOME%/_netrc.gpg on windows).
    See a full step-by-step example at “Is there a way to skip password typing when using https:// github”.

    I store that way several credentials (to GitHub, BitBucket, internal repos, …) in one (encrypted) file, and I type one password (the gpg passphrase) once in the morning.
    I can then access all those repos without having to enter my credential during the day.

    I got an answer from GitHub:

    We recommend https since it is far simpler to set up and doesn’t require knowledge or secure management of ssh keys.

    Since ssh and https both use ssl behind the scenes, the benefit of requiring access to a private key rather than login credentials only holds if those keys are managed securely. For those unfamiliar with best practices around ssh keys, this is often harder to explain than it is to let them maintain username/passhprase login credentials using the procedures they already know. The recommendations are there so those who don’t have a strong opinion either way can choose the most straightforward method. Anyone who prefers ssh keys is able to do so as they’re fully supported.

    Git Baby is a git and github fan, let's start git clone.