GitHub have changed their recommendation several times (example).

GitHub 已多次更改他们的推荐（示例）。

It appears that they currently recommend HTTPS because it is the easiest to set up on the widest range of networks and platforms, and by users who are new to all this.

看来他们目前推荐使用 HTTPS，因为它最容易在最广泛的网络和平台上进行设置，而且对于所有这一切的新手来说也是如此。

There is no inherent flaw in SSH (if there was they would disable it) -- in the links below, you will see that they still provide details about SSH connections too:

SSH 没有固有的缺陷（如果有的话他们会禁用它）——在下面的链接中，你会看到他们仍然提供有关 SSH 连接的详细信息：

1. HTTPS is less likely to be blocked by a firewall.

   https://help.github.com/articles/which-remote-url-should-i-use/

   The https:// clone URLs are available on all repositories, public and private. These URLs work everywhere--even if you are behind a firewall or proxy.

2. An HTTPS connection allows credential.helperto cache your password.

   https://help.github.com/articles/set-up-git

   Good to know: The credential helper only works when you clone an HTTPS repo URL. If you use the SSH repo URL instead, SSH keys are used for authentication. While we do not recommend it, if you wish to use this method, check out this guide for help generating and using an SSH key.

1. HTTPS 不太可能被防火墙阻止。

   https://help.github.com/articles/which-remote-url-should-i-use/

   https:// 克隆 URL 可用于所有存储库，公共和私有。这些 URL 可以在任何地方使用——即使您位于防火墙或代理之后。

2. HTTPS 连接允许credential.helper缓存您的密码。

   https://help.github.com/articles/set-up-git

   很高兴知道：凭证助手仅在您克隆 HTTPS 存储库 URL 时才起作用。如果您改用 SSH 存储库 URL，则会使用 SSH 密钥进行身份验证。虽然我们不推荐它，但如果您希望使用此方法，请查看本指南以获取生成和使用 SSH 密钥的帮助。

I assume HTTPS is recommended by GitHub for several reasons

我认为 GitHub 推荐 HTTPS 有几个原因

1) It's simpler to use from anywhere as you only need your account details (no SSH keys required)

1) 从任何地方使用都更简单，因为您只需要您的帐户详细信息（不需要 SSH 密钥）

2) HTTPS Is a port that is open in all firewalls. SSH is not always open as a port for communication to external networks

2) HTTPS 是所有防火墙都开放的端口。SSH 并不总是作为与外部网络通信的端口打开

A GitHub repository is therefore more universally accessible using HTTPS than SSH.

因此，使用 HTTPS 比使用 SSH 更容易访问 GitHub 存储库。

In my view SSH keys are worth the little extra work in creating them

在我看来，SSH 密钥值得在创建它们时做一些额外的工作

1) SSH Keys do not provide access to your GitHub account, so your account cannot be hiHymaned if your key is stolen,

1) SSH Keys 不提供访问您的 GitHub 帐户的权限，因此如果您的密钥被盗，您的帐户不会被劫持，

2) Using a strong keyphrase with your SSH key limits any misuse, even if your key gets stolen

2) 对您的 SSH 密钥使用强密钥短语可以限制任何滥用，即使您的密钥被盗

If your GitHub account credentials (username/password) are stolen, your GitHub password can be changed to block you from access and all your shared repositories can be quickly deleted.

如果您的 GitHub 帐户凭据（用户名/密码）被盗，可以更改您的 GitHub 密码以阻止您访问，并且可以快速删除您的所有共享存储库。

If a private key is stolen, someone can do a force push of an empty repository and wipe out all change history for each repository you own, but cannot change anything in your GitHub account. It will be much easier to try recovery from this breach of you have access to your GitHub account.

如果私钥被盗，有人可以强制推送一个空存储库并清除您拥有的每个存储库的所有更改历史记录，但无法更改您 GitHub 帐户中的任何内容。如果您可以访问您的 GitHub 帐户，尝试从这次违规中恢复会容易得多。

My preference is to use SSH with a passphrase protected key. I have a different SSH key for each computer, so if that machine gets stolen or key compromised, I can quickly login to GitHub and delete that key to prevent unwanted access.

我的偏好是使用带有密码保护密钥的 SSH。我对每台计算机都有不同的 SSH 密钥，因此如果该机器被盗或密钥泄露，我可以快速登录 GitHub 并删除该密钥以防止不必要的访问。

SSH can be tunneled over HTTPS if the network you are on blocks the SSH port.

如果您所在的网络阻止了 SSH 端口，则 SSH 可以通过 HTTPS 建立隧道。

https://help.github.com/articles/using-ssh-over-the-https-port/

https://help.github.com/articles/using-ssh-over-the-https-port/

If you use HTTPS, I would recommend adding two-factor authentication, to protect your account as well as your repositories.

如果您使用 HTTPS，我建议您添加两因素身份验证，以保护您的帐户和存储库。

If you use HTTPS with a tool (e.g an editor), you should use a developer token from your GitHub account rather than cache username and password in that tools configuration.

如果您将 HTTPS 与工具（例如编辑器）一起使用，您应该使用来自您的 GitHub 帐户的开发人员令牌，而不是在该工具配置中缓存用户名和密码。

Either you are quoting wrong or github has different recommendation on different pages or they may learned with time and updated their reco.

要么你引用错了，要么 github 在不同的页面上有不同的推荐，或者他们可能会随着时间的推移而学习并更新他们的记录。

We strongly recommend using an SSH connection when interacting with GitHub. SSH keys are a way to identify trusted computers, without involving passwords. The steps below will walk you through generating an SSH key and then adding the public key to your GitHub account.

我们强烈建议在与 GitHub 交互时使用 SSH 连接。SSH 密钥是一种无需密码即可识别受信任计算机的方法。以下步骤将引导您生成 SSH 密钥，然后将公钥添加到您的 GitHub 帐户。

https://help.github.com/articles/generating-ssh-keys

https://help.github.com/articles/generating-ssh-keys

Enabling SSH connections over HTTPS if it is blocked by firewall

如果防火墙阻止，则启用通过 HTTPS 的 SSH 连接

Test if SSH over the HTTPS port is possible, run this SSH command:

测试是否可以通过 HTTPS 端口进行 SSH，运行以下 SSH 命令：

$ ssh -T -p 443 [email protected]
Hi username! You've successfully authenticated, but GitHub does not
provide shell access.

If that worked, great! If not, you may need to follow our troubleshooting guide.

如果那行得通，那太好了！如果没有，您可能需要遵循我们的故障排除指南。

If you are able to SSH into [email protected]over port 443, you can override your SSH settings to force any connection to GitHub to run though that server and port.

如果您能够通过 SSH 连接到[email protected]端口443，则可以覆盖您的 SSH 设置以强制通过该服务器和端口运行与 GitHub 的任何连接。

To set this in your ssh config, edit the file at ~/.ssh/config, and add this section:

要在您的 ssh 配置中进行设置，请编辑位于 的文件~/.ssh/config，并添加以下部分：

Host github.com
  Hostname ssh.github.com
  Port 443

You can test that this works by connecting once more to GitHub:

您可以通过再次连接到 GitHub 来测试它是否有效：

$ ssh -T [email protected]
Hi username! You've successfully authenticated, but GitHub does not
provide shell access.

From Authenticating to GitHub / Using SSH over the HTTPS port

从验证到 GitHub / 通过 HTTPS 端口使用 SSH

Also see: the official Which remote URL should I use?answer on help.github.com.

另请参阅：官方我应该使用哪个远程 URL？在 help.github.com 上回答。

EDIT:

编辑：

It seems that it's no longer necessary to have write access to a public repo to use an SSH URL, rendering my original explanation invalid.

似乎不再需要对公共存储库进行写访问来使用 SSH URL，这使我原来的解释无效。

ORIGINAL:

原来的：

Apparently the main reason for favoring HTTPS URLs is that SSH URL's won't work with a public repo if you don't have write access to that repo.

显然，支持 HTTPS URL 的主要原因是，如果您没有对该存储库的写访问权限，则 SSH URL 将无法与公共存储库一起使用。

The use of SSH URLs is encouraged for deployment to production servers, however - presumably the context here is services like Heroku.

鼓励使用 SSH URL 部署到生产服务器，但是 - 大概这里的上下文是像 Heroku 这样的服务。

It's possible to argue that using SSHs key to authenticate is less secure because we tend to change our password more periodically than we generate new SSH keys.

有可能会争辩说使用 SSH 密钥进行身份验证的安全性较低，因为与生成新的 SSH 密钥相比，我们倾向于更定期地更改密码。

Servers that limit the lifespan for which they'll honor given SSH keys can help force users toward the practice of refreshing SSH-keys periodically.

限制使用给定 SSH 密钥的寿命的服务器可以帮助迫使用户定期刷新 SSH 密钥。

Maybe because it's harder to steal a password from your brain then to steal a key file from your computer (at least to my knowledge, maybe some substances exist already or methods but this is an infinite discussion)? And if you password protect the key, then you are using a password again and the same problems arise (but some might argue that you have to do more work, because you need to get the key and then crack the password).

也许是因为从大脑中窃取密码比从计算机中窃取密钥文件更难（至少据我所知，也许已经存在某些物质或方法，但这是一个无限的讨论）？如果您用密码保护密钥，那么您将再次使用密码并出现同样的问题（但有些人可能会争辩说您必须做更多的工作，因为您需要获取密钥然后破解密码）。