在Windows上使用Git，位于HTTP代理之后，不需要在磁盘上存储代理密码 [英] Using Git on Windows, behind an HTTP proxy, without storing proxy password on disk

问题描述

我在Windows上使用Git，在公司网络上我使用基本身份验证的HTTP代理。出站SSH不起作用，所以我必须通过代理使用HTTPS。

I'm using Git on Windows, on a corporate network where I'm behind an HTTP proxy with Basic authentication. Outbound SSH doesn't work, so I have to use HTTPS through the proxy.

我知道如何使用 git config http。 proxy 将设置配置为 http：// [username]：[password] @ [proxy]：[port] 。

I'm aware of how to use git config http.proxy to configure the settings as http://[username]:[password]@[proxy]:[port].

然而，特别是因为这是一台共享机器，我宁愿不将我的密码保存在 .gitconfig 中。另外，使用 git config 命令更改我的 .gitconfig 命令将我的密码留在了我的bash历史记录中，所以即使我记得在会话结束时清除我的 .gitconfig ，我几乎肯定会忘记清除我的历史记录。

However, particularly as this is a shared machine, I'd rather not store my password in my .gitconfig. Additionally, changing my .gitconfig using the git config command leaves my password in my bash history, so even if I remember to clear my .gitconfig at the end of the session, I'll almost certainly forget to clear my history as well.

我试着在没有密码的情况下设置 http.proxy ，妄图在我试图推/拉，但我只得到407代理身份验证要求。我在网上找到的所有信息似乎都忽略了在 .gitconfig 中以明文形式保存密码或处理NTLM代理的问题。

I've tried setting http.proxy without a password, in the vain hope that I'd get a prompt asking me for my password when I try to push/pull, but I only get a 407 Proxy Authentication Required. All the information I've found online seems to either ignore the issues with having the password saved in plaintext in .gitconfig, or deals with NTLM proxies.

我很高兴每次需要连接时输入我的代理详细信息 - 目前我可以看到的最佳解决方案是编写一个包装脚本，它将提示输入密码并将其设置为调用 git 正确时的环境变量。这是一个体面的解决方案，并且在脚本中为单个调用设置环境变量是否存在安全隐患？最好是，有没有内置的设置或现有的工具，我可以用它？

I'm quite happy to type my proxy details every time I need to connect - the best solution I can see at the moment is writing a wrapper script that will prompt for my password and set that as an environment variable when calling git proper. Is this a decent solution, and are there any security implications to setting an environment variable for a single call in a script? Preferably, are there any built-in settings or existing tools that I can use for this?

推荐答案

您也可以使用环境变量（您可以为您的会话设置），如此答案所述：

Instead of using git setting, you can also use environment variable (that you can set just for your session), as described in this answer:

set http_proxy=http://username:password@proxydomain:port
set https_proxy=http://username:password@proxydomain:port
set no_proxy=localhost,.my.company 

所以你的包装器脚本可以，而不是修改 .gitconfig （并以纯文本形式保留密码），只需要为当前会话设置环境变量。

So your wrapper script could, instead of modifying the .gitconfig (and leaving your password in plain text) set environment variables on demand, just for your current session.

这篇关于在Windows上使用Git，位于HTTP代理之后，不需要在磁盘上存储代理密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！