Frequently Asked Question

Should I authenticate to a Git host with SSH or HTTPS?

Both work. HTTPS uses a password, these days a personal access token rather than your account password, sent over a TLS-encrypted connection, and Git pushes and pulls speak over port 443. The big advantage is that almost every firewall allows port 443 outbound, so HTTPS works from corporate networks, hotels, and other places where SSH is blocked. The disadvantage is that you have to authenticate on every operation unless a credential helper (libsecret, osxkeychain, Windows Credential Manager) caches the token.

SSH uses public-key authentication: you generate a key pair with ssh-keygen -t ed25519, upload the public half to your Git host, and the private key on your machine signs every connection. There is no password to leak, no token to rotate, and ssh-agent keeps the unlocked key in memory so you only enter the passphrase once per session. SSH speaks on port 22, which is often blocked outside developer networks (GitHub offers an SSH-over-443 workaround). Most experienced developers end up using SSH for personal machines, HTTPS for CI servers and machines they do not fully control.