Does git clone work through NTLM proxies?

前端未结

关注

 9  1403

情书的邮戳 2020-12-04 18:30

I\'ve tried both using export http_proxy=http://[username]:[pwd]@[proxy] and git config --global http.proxy http://[username]:[pwd]@[proxy].

9条回答

醉梦人生 (楼主)

2020-12-04 18:54
Since this was a question I kept finding on my search to make this work, I'll add my answer here.

I needed to get access to a github.com hosted repo working via an http(s) proxy (that requires NTLM authentication) on one network, and have it still work when on a normal internet connection, from our Mac OS X dev machines.

Here is how I made it work. This won't work for every git hosting provider, but I'm posting in case it helps you figure this out. This is also only for Mac OS X, but if you figure out how to run something on network change for your system, the rest should follow.

I had to use git clone git@github.com:user/repo.git after setting up ssh access as normal (http://help.github.com/mac-set-up-git/).

I then needed to setup a local http(s) proxy that handles the NTLM authentication, such as ntlmaps, cntlm or Authoxy. I've tested with Authoxy. I'll leave configuring this to you, because you'll need to know your own proxy details.

You'll also need corkscrew, which is just sudo port install corkscrew if you have MacPorts.

Then I added the following to ~/.ssh/config:
```
Host github.com.disabled
User git
HostName ssh.github.com
Port 443
ProxyCommand /opt/local/bin/corkscrew localhost 6574 %h %p
```
Where 6574 is the TCP port I set Authoxy to listen on.

Now I created a script that tries to find the http(s) proxy server, and configures the ssh setup according to what it finds, at /usr/local/bin/locationchanger:
```
#!/bin/sh

set -o nounset
set -o errexit

sleep 10 # allow for WiFi to actually connect.

# if we can find the proxy server, then use it.
if ! host proxy.internal.network;
then
    echo "Proxy server not found, clearing http(s) proxy";
    sed -i '.backup' -E 's/^Host github.com$/Host github.com.disabled/' "$HOME/.ssh/config"
else
    echo "Proxy server found, setting http(s) proxy";
    sed -i '.backup' -E 's/^Host github.com.disabled$/Host github.com/' "$HOME/.ssh/config"
fi
echo "Done."
```
Don't forget to chmod +x /usr/local/bin/locationchanger.

Now create ~/Library/LaunchAgents/LocationChanger.plist:
```
    Label
    tech.inhelsinki.nl.locationchanger
    ProgramArguments
    
        /usr/local/bin/locationchanger
    
    WatchPaths
    
        /Library/Preferences/SystemConfiguration
    
```
And then launchctl load ~/Library/LaunchAgents/LocationChanger.plist. This launchd job will run whenever the network changes. If it can find your internal network http(s) proxy server, it will make ssh use corkscrew to work through Authoxy, which will handle working through the company proxy. If it can't find the proxy server, it will disable the special ssh config, and you're working just like normal.

Now our team doesn't have to think about network switching anymore.
0 讨论(0)

查看其它9个回答
发布评论:

提交评论
- 加载中...