You may need to configure a proxy server if you're having trouble cloning
or fetching from a remote repository or getting an error
like unable to access '...' Couldn't resolve host '...'.
Consider something like:
git config --global http.proxy http://proxyUsername:[email protected]:port
Or for a specific domain, something like:
git config --global http.https://domain.com.proxy http://proxyUsername:[email protected]:port
git config --global http.https://domain.com.sslVerify false
Setting http.<url>.sslVerify to false may help you quickly get going if your workplace
employs man-in-the-middle HTTPS proxying. Longer term, you could get the
root CA that they are applying to the certificate chain
and specify it with either http.sslCAInfo or http.sslCAPath.
See also the git-config documentation, especially the following sections if you're having HTTPS/SSL issues
http.sslVerifyhttp.sslCAInfohttp.sslCAPathhttp.sslCerthttp.sslKeyhttp.sslCertPasswordProtected
You can configure these globally in your user ~/.gitconfig file using the --global switch, or local to a repository in its .git/config file.
Configure a global proxy if all access to all repos require this proxy
git config --global http.proxy http://proxyUsername:[email protected]:port
If you wish to specify that a proxy should be used for just
some URLs that specify the URL as a git config subsection
using http.<url>.key notation:
git config --global http.https://domain.com.proxy http://proxyUsername:[email protected]:port
Which will result in the following in the ~/.gitconfig file:
[http]
[http "https://domain.com"]
proxy = http://proxyUsername:[email protected]:port
If you're still having trouble cloning or fetching and are now getting
an unable to access 'https://...': Unknown SSL protocol error in connection to ...:443 then
you may decide to switch off SSL verification for the single operation
by using the -c http.sslVerify=false option
git -c http.sslVerify=false clone https://domain.com/path/to/git
Once cloned, you may decide set this for just this cloned
repository's .git/config by doing. Notice the absence of the --global
git config http.sslVerify false
If you choose to make it global then limit it to a URL using
the http.<url>.sslVerify notation:
git config --global http.https://domain.com.sslVerify false
Which will result in the following in the ~/.gitconfig file:
[http]
[http "https://domain.com"]
proxy = http://proxyUsername:[email protected]:port
sslVerify = false
To show the current configuration of all http sections
git config --global --get-regexp http.*
If you are in a locally cloned repository folder then you drop
the --global and see all current config:
git config --get-regexp http.*
Use the --unset flag to remove configuration being specific about the
property -- for example whether it was http.proxy or http.<url>.proxy.
Consider using any of the following:
git config --global --unset http.proxy
git config --global --unset http.https://domain.com.proxy
git config --global --unset http.sslVerify
git config --global --unset http.https://domain.com.sslVerify
Hi, thanks for the doc !
Indeed, leverage the built-in proxy feature of git is so much better and secure than just exporting https_proxy or http_proxy as env. variables.
However, @ozbillwang is right: that works only for remotes configured with http/https.
for git+ssh, I found out that corkscrew is a glorified netcat.
In other words, we can rely on netcat and have the connection goes through successfully. Though I tested only with Squid, I felt it is a more agnostic approach.
for git+ssh
Option 1: set it globally in ~/.ssh/config
Option 2: set it per project
In your local repo:
git config core.sshCommand "ssh -i /path/private_key -o 'ProxyCommand nc --proxy proxyserver_ip:proxyserver_port %h %p'"If you need the troubleshoot, pass -v switch to the command git config or add LogLevel DEBUG in .ssh/config file.
git -c core.sshCommand="ssh -v -i /home/steve/tutogit/creds/key -o 'ProxyCommand nc --proxy proxyserver_ip:proxyserver_port %h %p'" fetch kwakousteve