在 Windows 上使用 Git,在 HTTP 代理后面,无需在磁盘上存储代理密码
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/22799825/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Using Git on Windows, behind an HTTP proxy, without storing proxy password on disk
提问by ajd
I'm using Git on Windows, on a corporate network where I'm behind an HTTP proxy with Basic authentication. Outbound SSH doesn't work, so I have to use HTTPS through the proxy.
我在 Windows 上使用 Git,在公司网络上使用基本身份验证的 HTTP 代理。出站 SSH 不起作用,所以我必须通过代理使用 HTTPS。
I'm aware of how to use git config http.proxyto configure the settings as http://[username]:[password]@[proxy]:[port].
我知道如何使用git config http.proxy将设置配置为http://[username]:[password]@[proxy]:[port].
However, particularly as this is a shared machine, I'd rather not store my password in my .gitconfig. Additionally, changing my .gitconfigusing the git configcommand leaves my password in my bash history, so even if I remember to clear my .gitconfigat the end of the session, I'll almost certainly forget to clear my history as well.
但是,特别是因为这是一台共享机器,我宁愿不将密码存储在我的.gitconfig. 此外,更改我的.gitconfig使用git config命令.gitconfig会将我的密码留在我的 bash 历史记录中,因此即使我记得在会话结束时清除我的密码,我几乎肯定也会忘记清除我的历史记录。
I've tried setting http.proxywithout a password, in the vain hope that I'd get a prompt asking me for my password when I try to push/pull, but I only get a 407 Proxy Authentication Required. All the information I've found online seems to either ignore the issues with having the password saved in plaintext in .gitconfig, or deals with NTLM proxies.
我尝试过http.proxy不设置密码的设置,但徒劳地希望在我尝试推/拉时会提示我输入密码,但我只得到 407 代理身份验证。我在网上找到的所有信息似乎都忽略了将密码以明文形式保存在.gitconfig.
I'm quite happy to type my proxy details every time I need to connect - the best solution I can see at the moment is writing a wrapper script that will prompt for my password and set that as an environment variable when calling gitproper. Is this a decent solution, and are there any security implications to setting an environment variable for a single call in a script? Preferably, are there any built-in settings or existing tools that I can use for this?
我很高兴每次需要连接时都输入我的代理详细信息 - 目前我能看到的最佳解决方案是编写一个包装脚本,该脚本将提示输入我的密码并将其设置为git正确调用时的环境变量。这是一个不错的解决方案,并且为脚本中的单个调用设置环境变量是否有任何安全隐患?最好,是否有任何内置设置或现有工具可以用于此目的?
采纳答案by VonC
Instead of using git setting, you can also use environment variable (that you can set just for your session), as described in this answer:
除了使用 git 设置,您还可以使用环境变量(您可以仅为您的会话设置),如本答案所述:
set http_proxy=http://username:password@proxydomain:port
set https_proxy=http://username:password@proxydomain:port
set no_proxy=localhost,.my.company
So your wrapper script could, instead of modifying the .gitconfig(and leaving your password in plain text) set environment variables on demand, just for your current session.
因此,您的包装器脚本可以根据需要修改.gitconfig(并以纯文本形式保留密码)设置的环境变量,而只是针对您当前的会话。
As notedby Welgriv, this is unsafe since environmental variables can be accessed by any program in user mode.
正如Welgrav所指出的,这是不安全的,因为任何程序都可以在用户模式下访问环境变量。
These days (2020, 5+ years later), I prefer:
这些天(2020 年,5 年后),我更喜欢:
set http_proxy=http://127.0.0.1:3128
set https_proxy=http://127.0.0.1:3128
With 127.0.0.1:3128 being the default URL for a genotrance/px, a small HTTP proxy server, which will automatically authenticate through an NTLM proxy.
No password or even user to set.
127.0.0.1:3128 是genotrance/px一个小型 HTTP 代理服务器的默认 URL ,它将自动通过 NTLM 代理进行身份验证。
无需设置密码甚至用户。
回答by 0xA0
since git 2.8.0
从 git 2.8.0 开始
git config --global http.proxy http://[user]@proxyhost:port
git config --global credential.helper wincred
回答by DomTomCat
VonC's answer doesn't always solve the problem. I don't know why, but it may depend on the proxy server - or maybe it's some other issue alltogether?
VonC 的回答并不总能解决问题。我不知道为什么,但这可能取决于代理服务器 - 或者可能是其他一些问题?
It may help to replace the git://protocol of the repository with http://.
git://将存储库的协议替换为http://.
Note: As in VonC's answer, you'll have to setup the http(s)_proxyenvironment variables first:
注意:在 VonC 的回答中,您必须先设置http(s)_proxy环境变量:
set http_proxy=http://username:password@proxydomain:port
set https_proxy=http://username:password@proxydomain:port
For example, clone marble's stable git would usually be cloned like this (from the marble documentation):
例如,克隆大理石的稳定 git 通常会像这样克隆(来自大理石文档):
git clone -b Applications/15.12 git://anongit.kde.org/marble ~/marble/sources
git clone -b Applications/15.12 git://anongit.kde.org/marble ~/marble/sources
In windows' cmd(assuming http_proxyhas been set), you may then have to use http[s]://instead:
在 windows 中cmd(假设http_proxy已设置),您可能必须改为使用http[s]://:
git clone -b Applications/15.12 http://anongit.kde.org/marble ~/marble/sources
回答by Rahul Shukla
If you are behind Proxy server, follow this.
如果您在代理服务器后面,请按照此操作。
Make sure port 9418 is excluded from your firewall rules.Ask network administrator
确保端口 9418 从防火墙规则中排除。询问网络管理员
Unset Proxy if it is already set:
如果已经设置,则取消设置代理:
- git config --global --unset http.proxy
- git config --global --unset https.proxy
- git config --global --unset http.proxy
- git config --global --unset https.proxy
Set the proper Proxy:
设置适当的代理:
- git config --global http.proxy http://username:password@proxydomain:port
- git config --global https.proxy http://username:password@proxydomain:port
- git config --global http.proxy http://username:password@proxydomain:port
- git config --global https.proxy http://username:password@proxydomain:port
Common Errors:
常见错误:
- 502: URL/IP is unreachable from your network.
- 407: Proxy authentication Denied.
- 80 : Proxy has not been set properly.
- 502:无法从您的网络访问 URL/IP。
- 407:代理身份验证被拒绝。
- 80 : 代理设置不正确。
