Feature image for the tutorial on how to create and store your GitHub personal access token

Create and store your GitHub personal access token

Do you prefer a basic username and password combo for accessing your GitHub repositories? No problem. Just make sure you clone using the HTTPS URL. One snag though: Starting August 13th of 2021, GitHub no longer allows you to authenticate using your account’s username and password. Instead of a password, you now need to specify a personal access token. This article explains how to create a GitHub personal access token and how to store it on your Linux PC.


As a developer you access your GitHub repository either via HTTPS or SSH. When cloning the repository to your PC, you make the decision on the access method: If you clone with the URL that starts with https: then you selected HTTPS, SSH If the clone URL starts with [email protected]:. Both methods work fine, the only difference lies in the authentication method.

Authenticating via SSH requires an SSH public/private key pair. This involves generating the key pair, registering the private key with your operating system and uploading the public key to your GitHub account. The benefit of SSH authentication is the security. The SSH public/private key combo is hard to crack. As a downside it involves a bit of setup work. More importantly, not all PC operating systems natively support the use of SSH keys. Not an issue on Linux, but definitely a bit trickier on Windows. You need to install the Putty tools to make it work on Windows.

To make authentication easier, GitHub also supports access with your account’s username and password. In this case you need to clone using the HTTPS method for accessing your repositories. However, it is not as secure. Out of convenience, users more often than not reuse the same username and password for different accounts on the Internet. If one of these accounts gets hacked, the culprit can potentially access your GitHub account and repositories.

For this reason, GitHub no longer supports password authentication since August 13th of 2021. Instead of a password, you need to use a personal access token.

Personal access token

At first sight a personal access token is nothing more than a long and secure password. You even use it the same way. When cloning a private GitHub repository or committing changes to a GitHub repository, you simply use your account’s username and then specify the personal access token, when prompted for the password.

Compared to a password, a personal access token offers two major benefits:

  • Your personal access token is unique for your GitHub account and not used for other accounts on the Internet. Making it a more secure option.
  • With a personal access token you can configure a more fine-grained access control for the resources of your GitHub account.

This article walks you through the steps of creating your GitHub personal access token, for accessing your GitHub repositories, both public and private, via HTTPS. I’ll also explain how you can store your GitHub personal access token locally on your Linux PC, so you won’t need to enter it each time you access your repository.

What do you need

To follow along with the steps in this article, you just need a Linux PC with:

  1. A desktop environment of your choice.
  2. Access to the Internet and a web browser.
  3. The Git packages installed.

All Linux desktop distributions cover items 1 and 2. Some also already install the Git packages. If not, here follow the installation instructions for popular Linux distributions:

  • Debian/Ubuntu/Raspberry PI: sudo apt install git
  • Fedora: sudo dnf install git
  • openSUSE: sudo zypper install git

For this article, I’ll use an openSUSE Tumbleweed virtual machine which comes with the Firefox web browser and I installed the XFCE desktop environment.

Create a GitHub personal access token

In this section we’ll cover the creation of a new GitHub personal access token. Point your web browser to your account on the GitHub website and log in. Once logged in, click on your account icon located in the top-right corner. From the menu that appeared, select Settings:

Partial screenshot of the GitHub website. It illustrates how to access your account settings.

Your account profile page appears. Scroll down a bit and click on the Developer settings category:

Web browser screenshot of your GitHub profile page. It highlights how to access to the developer settings section.

On the newly appeared Developer settings page, navigate to section Personal access tokens → Tokens. Next, click the Generate new token button and select the option Generate new token (classic):

Screenshot of the GitHub developer settings page. It explains how to go to the page for creating a new personal access token.

On the New personal access token page, enter a Note of your choosing and make sure to check the repo check-box. That way you can use your newly created personal access token for accessing both your public and private GitHub repositories. Optionally, you can change the token’s expiration date. This determine how long the personal access token can be used. I typically set it to one year, but that decision is up to you. Click the Generate token button at the bottom to go ahead with the actual GitHub personal token creation:

Screenshot of the GitHub new personal access token (classic) page. It highlights the sections to fill out for creating a new GitHub personal access token.

On the next page, GitHub presents you with your newly generated personal access token. Make sure to copy it and store it somewhere save, for example in a password manager, and don’t share it with anyone else. Once you leave this page on the GitHub site, you will no longer be able to see it again:

Screenshot of a GitHub webpage that is shown after successfully creating a new classic personal access token. Make sure to copy the personal access token, because you won't be able to see it again, after leaving this webpage.

Test your new GitHub personal access token

With the GitHub personal access token created, we can give it a try by cloning a private GitHub repository. You probably already setup a private repository at some point in your GitHub repository. If not, you can quickly create one just for testing purposes. You can always delete it again afterwards. To do so, click the New button on the Repositories page:

Screenshot of the GitHub UI of how to select the option to create a new GIT repository.

On the Create a new repository page, enter a repository name. I went for testrepo. Next enter a description, make sure to select Private repository and check the box to add a README file. That way the repository is not empty and we actually have something to clone. Once you entered all this repository information, click the Create repository button:

Screenshot of the new repository creation page. It highlights how to create a private repository that we'll use for testing the newly created GitHub personal access token.

After its creation, GitHub automatically redirects you to the newly created repository. Before we can clone the repository, we need to determine its HTTPS URL. Click on the Code button and select HTTPS. Next, copy the URL that appeared. In my case:

  • https://github.com/pragmaticlinuxblog/testrepo.git
Screenshot that shows you how to get the HTTPS clone URL for the newly created test repository.

To continue with the repository cloning, open up your terminal and enter the following command. Make sure to replace the URL, with the URL of your repository:

  • git clone https://github.com/pragmaticlinuxblog/testrepo.git ~/MyTestRepo

When prompted for your username, enter your GitHub account username. More importantly, when asked for your password, enter your newly created personal access token:

Terminal screenshot that shows how to clone the test repository, while specifying your GitHub personal access token, instead of your account's password.

If the cloning does not report any errors, you successfully verified that your newly created GitHub personal access token works.

Store your GitHub personal access token

One disadvantage of working with a GitHub personal access token: You need to specify your username and personal access token each time when accessing your remote repository. For example when cloning, pulling, pushing, etc. Luckily, GIT includes a credential helper. With the GIT credential helper you can store your username and personal access token credentials.

Store GitHub credentials in a file

The easiest (and least secure) way to do this, is by simply creating a text file in your home directory, with the name .git-credentials:

  • nano ~/.git-credentials

Next, enter the following on the first line. Make sure to replace user with your account’s username and pass with your personal access token:

Nano text editor screenshot that shows how to enter your GitHub username and personal access token in the .git-credentials file for the GIT plan fiile credential helper.

As a final step, we inform GIT that we would like to authenticate using the credential in this file. You do so, by running this command in the terminal:

  • git config --global credential.helper store

To test that it works, repeat the cloning of the test repository. You’ll notice that GIT now no longer asks for the username and password:

Cloning the GIT test repository again, this time highlighting that you no longer need to enter your username and personal access token, because it now uses the info from the .git-credentials file.

Store GitHub credentials in the GNOME keyring

When using a GTK based desktop environment, such as GNOME, Cinnamon, XFCE, Mate and Budgie, you can store passwords and keys in the GNOME keyring. A really handy feature is that you can also store your GitHub credentials in the GNOME keyring. How to link your GitHub credentials to your GNOME keyring depends a bit on the Linux distribution that you run. The installation and configuration instructions for popular Linux distributions:


  • sudo zypper install git-credential-libsecret
  • git config --global credential.helper /usr/libexec/git/git-credential-libsecret

Debian/Ubuntu/Raspberry PI

  • sudo apt install make gcc libsecret-1-0 libsecret-1-dev
  • cd /usr/share/doc/git/contrib/credential/libsecret
  • sudo make
  • git config --global credential.helper /usr/share/doc/git/contrib/credential/libsecret/git-credential-libsecret


  • sudo dnf install git-credential-libsecret
  • git config --global credential.helper /usr/libexec/git-core/git-credential-libsecret

The next time your perform a GIT operation, requiring credentials, the credential helper stores the username and personal access token in your GNOME keyring. For subsequent GIT operations, your credentials are automatically taken from the stored values in your GNOME keyring. To change or delete the credentials stored in the GNOME keyring, you can use a GUI tool such as Seahorse:

Seahorse screenshot that shows you where you can find your stored GitHub credentials in this password and keys manager.

Wrap up

This article explained how to create and use a personal access token for your GitHub account. Ever since the 13th of August 2021, you need to specify your personal access token, instead of your account’s password, when accessing your GIT repository using the HTTPS URL. Additionally this article showed how to store your GitHub credentials (username and personal access token) on your Linux PC. That way you only need to specify your credentials once and your system remembers them for the future.

If you work with GIT and GitHub on a regular basis, you might be interested in one of the other GIT related articles:


Long term Linux enthusiast, open source software developer and technical writer.

View all posts by PragmaticLinux →