It is nice to make various fetch operations (`git fetch`, `git ls-remote -h origin master`) not require passwords/authentication, so that scripts are free to call them liberally. (but keep the passwords for anything that involves pushing things to the remote)
What ways are available to accomplish this?
This is possible only for repositories that are accessible in two different ways: 1) a read-only URL, and 2) a read/write URL.
git remote set-url <remote_name> <url>
Set the fetch URL to the read-only one.
git remote set-url --push <remote_name> <url>
Set the push URL to the read/write one.
For github, there are two types of read-only URLs available:
(git protocol, port 9418)
(ssh protocol, port 22)