Git authentication on Windows: SSH keys and tokens

GitHub, GitLab and Azure DevOps require authentication for private repository operations. The two recommended options are SSH keys (more secure, no password) and Personal Access Tokens (PAT, simpler to configure).

Option 1: SSH key

Generate SSH key pair on Windows

ssh-keygen -t ed25519 -C "you@email.com"
Start-Service ssh-agent
Set-Service -Name ssh-agent -StartupType Automatic
ssh-add $env:USERPROFILE\.ssh\id_ed25519

Copy public key to add to GitHub

Get-Content $env:USERPROFILE\.ssh\id_ed25519.pub | clip
# Paste in GitHub → Settings → SSH and GPG keys → New SSH key

Test SSH connection to GitHub

ssh -T git@github.com
# Expected: Hi username! You've successfully authenticated...

Option 2: Personal Access Token (PAT)

Store PAT in Windows Credential Manager

git config --global credential.helper manager-core
# Git will ask for username + PAT on first push and save them automatically

Security recommendation: Use ED25519 SSH keys for daily access and PATs with minimum permissions and expiry dates for CI/CD and automation. Never put your GitHub password in scripts or unencrypted environment variables.