How to save username and password with Mercurial?
I used Mercurial in a personal project, and I have been typing my username and password every time I want to push 开发者_开发问答something to the server.
I tried adding the following to the .hgrc
file in my home directory, but it seems to be completely ignored.
[ui]
username = MY_USER_NAME
password = MY_PASSWORD
How to do this the right way?
You can make an auth section in your .hgrc
or Mercurial.ini
file, like so:
[auth]
bb.prefix = https://bitbucket.org/repo/path
bb.username = foo
bb.password = foo_passwd
The ‘bb’ part is an arbitrary identifier and is used to match prefix with username and password - handy for managing different username/password combos with different sites (prefix)
You can also only specify the user name, then you will just have to type your password when you push.
I would also recommend to take a look at the keyring extension. Because it stores the password in your system’s key ring instead of a plain text file, it is more secure. It is bundled with TortoiseHg on Windows, and there is currently a discussion about distributing it as a bundled extension on all platforms.
There are three ways to do this: use the .hgrc file, use ssh or use the keyring extension
1. The INSECURE way - update your ~/.hgrc file
The format that works for me (in my ~/.hgrc file) is this
[ui]
username=Chris McCauley <chris.mccauley@mydomain.com>
[auth]
repo.prefix = https://server/repo_path
repo.username = username
repo.password = password
You can configure as many repos as you want by adding more triplets of prefix,username, password by prepending a unique tag.
This only works in Mercurial 1.3 and obviously your username and password are in plain text - not good.
2. The secure way - Use SSH to AVOID using passwords
Mercurial fully supports SSH so we can take advantage of SSH's ability to log into a server without a password - you do a once off configuration to provide a self-generated certificate. This is by far the safest way to do what you want.
You can find more information on configuring passwordless login here
3. The keyring Extension
If you want a secure option, but aren't familiar with SSH, why not try this?
From the docs ...
The extension prompts for the HTTP password on the first pull/push to/from given remote repository (just like it is done by default), but saves the password (keyed by the combination of username and remote repository url) in the password database. On the next run it checks for the username in .hg/hgrc, then for suitable password in the password database, and uses those credentials if found.
There is more detailed information here
No one mentioned the keyring extension. It will save the username and password into the system keyring, which is far more secure than storing your passwords in a static file as mentioned above. Perform the steps below and you should be good to go. I had this up and running on Ubuntu in about 2 minutes.
>> sudo apt-get install python-pip
>> sudo pip install keyring
>> sudo pip install mercurial_keyring
**Edit your .hgrc file to include the extension**
[extensions]
mercurial_keyring =
https://www.mercurial-scm.org/wiki/KeyringExtension
A simple hack is to add username and password to the push url in your project's .hg/hgrc
file:
[paths]
default = http://username:password@mydomain.com/myproject
(Note that in this way you store the password in plain text)
If you're working on several projects under the same domain, you might want to add a rewrite rule in your ~/.hgrc
file, to avoid repeating this for all projects:
[rewrite]
http.//mydomain.com = http://username:password@mydomain.com
Again, since the password is stored in plain text, I usually store just my username.
If you're working under Gnome, I explain how to integrate Mercurial and the Gnome Keyring here:
http://aloiroberto.wordpress.com/2009/09/16/mercurial-gnome-keyring-integration/
NOBODY above explained/clarified terms to a novice user. They get confused by the terms
.hg/hgrc -- this file is used for Repository, at local/workspace location / in actual repository's .hg folder.
~/.hgrc -- this file is different than the below one. this file resides at ~ or home directory.
myremote.xxxx=..... bb.xxxx=......
This is one of the lines under [auth] section/directive, while using mercurial keyring extension. Make sure the server name you put there, matches with what you use while doing "hg clone" otherwise keyring will say, user not found. bb or myremote in the line below, are "alias name" that you MUST give while doing "hg clone http:/.../../repo1 bb or myremote" otherwise, it wont work or you have to make sure your local repository's .hg/hgrc file contain same alias, ie (what you gave while doing hg clone .. as last parameter).
PS the following links for clear details, sorry for quickly written grammar.
- https://stackoverflow.com/questions/14267873/mercurial-hg-no-changes-found-cant-hg-push-out/14269997#14269997
- http://www.linuxquestions.org/questions/showthread.php?p=4867412#post4867412
- https://stackoverflow.com/questions/12503421/hg-push-error-and-username-not-specified-in-hg-hgrc-keyring-will-not-be-used/14270602#14270602
- OpenSUSE Apache - Windows LDAP - group user authentication - Mercurial
ex: If inside ~/.hgrc (user's home directory in Linux/Unix) or mercurial.ini in Windows at user's home directory, contains, the following line and if you do
`"hg clone http://.../.../reponame myremote"`
, then you'll never be prompted for user credentials more than once per http repo link. In ~/.hgrc under [extensions] a line for "mercurial_keyring = " or "hgext.mercurial_keyring = /path/to/your/mercurial_keyring.py" .. one of these lines should be there.
[auth]
myremote.schemes = http https
myremote.prefix = thsusncdnvm99/hg
myremote.username = c123456
I'm trying to find out how to set the PREFIX property so that user can clone or perform any Hg operations without username/password prompts and without worrying about what he mentioned in the http://..../... for servername while using the Hg repo link. It can be IP, servername or server's FQDN
mercurial_keyring installation on Mac OSX using MacPorts:
sudo port install py-keyring
sudo port install py-mercurial_keyring
Add the following to ~/.hgrc:
# Add your username if you haven't already done so.
[ui]
username = email@address.com
[extensions]
mercurial_keyring =
If you are using TortoiseHg you have to perform these three steps shown in the attached screen shot, this would add your credentials for the specific repository you are working with.
To add global settings you can access the file C:\users\user.name\mercurial.ini and add the section
[auth]
bb.prefix=https://bitbucket.org/zambezia/packagemanager
bb.username = $username
bb.password = $password
Hope this helps.
While it may or may not work in your situation, I have found it useful to generate a public / private key using Putty's Pageant.
If you are also working with bitbucket (.org) it should give you the ability to provide a public key to your user account and then commands that reach out to the repository will be secured automatically.
If Pageant doesn't start up for you upon a reboot, you can add a shortcut to Pageant to your Windows "Start menu" and the shortcut may need to have a 'properties' populated with the location of your private (.ppk) file.
With this in place Mercurial and your local repositories will need to be set up to push/pull using the SSH format.
Here are some detailed instructions on Atlassian's site for Windows OR Mac/Linux.
You don't have to take my word for it and there are no doubt other ways to do it. Perhaps these steps described here are more for you:
- Start PuttyGen from Start -> PuTTY-> PuttyGen
- Generate a new key and save it as a .ppk file without a passphrase
- Use Putty to login to the server you want to connect to
- Append the Public Key text from PuttyGen to the text of ~/.ssh/authorized_keys
- Create a shortcut to your .ppk file from Start -> Putty to Start -> Startup
- Select the .ppk shortcut from the Startup menu (this will happen automatically at every startup)
- See the Pageant icon in the system tray? Right-click it and select “New session”
- Enter username@hostname in the “Host name” field
- You will now log in automatically.
精彩评论