Use Git via HTTPS versus SSH

There was one time I could not clone a cybersecurity project on Bitbucket Cloud through HTTPS over the office network due to Git authentication failure. Then, my team lead said, “Oh, you have to clone it via SSH.” I wonder what the difference is between accessing a Git repository via HTTPS (Hypertext Transfer Protocol Secure) and SSH (Secure Shell).

HTTPS and SSH are both secure cryptographic network protocols to protect data sensitivity. Generally, when we use HTTPS for Git, we do git clone https://github.com/user/repo.git and authenticate with our username & password or a personal access token. For basic and public GitHub repository usage, it is easier configurable, and more accessible to use HTTPS than SSH. When communicating with a remote repository via SSH, we have to create an SSH key pair. Once set up, the key pair consists of a public key added to a Git hosting server (e.g., Bitbucket, Github, Gitlab) and a private key stored on our local machine. We use the private key to authenticate with the remote repository and clone by doing ssh://git@github.com:user/repo.git

Working with Git repositories regularly, I just learned SSH is preferable in an enterprise environment as it will ensure an encrypted connection to transmit our source codes between our local devices and the Git hosting service. SSH keys help identify trusted devices, without involving passwords, which can get easily compromised. If the security is the priority, then SSH is the way to go.