Update (06/30/2010): This method may no longer work with the newer msysgit versions. Since I’m no longer with the company that had a proxy implemented, I’m not able to test out the setup.
Update: Scott Chacon recently posted about Smart HTTP transport which is basically the ability to perform git commands over HTTP with authentication, but unfortunately, it only works for git clients version 1.6.6 and above. msysgit (Git for Windows) is currently on version 188.8.131.52. I will write a post about it once there’s a new version of msysgit. Git for OS X has the supported clients.
Jeff Tchang does a pretty nice job explaining how to use git commands via SSH through the corporate proxy on Unix and Windows. I’m just going to fill in a few missing gaps. This is a straight guide for making git work on Windows in your corporate environment.
Install msysgit with OpenSSH option (should be the last one in red). Follow these instructions (if you have not already) to generate SSH keys. If you prefer the command prompt like me (help guide uses cygwin aka Git Bash), then follow these simple instructions:
C:\Windows\System32>cd %HOME% C:\Users\skim>
C:\Users\skim>ssh-keygen -t rsa -C "firstname.lastname@example.org"
where “email@example.com” is your own email address linked to your GitHub account.
C:\Users\skim>ssh-keygen -t rsa -C "firstname.lastname@example.org" Generating public/private rsa key pair. Enter file in which to save the key (/c/Users/skim/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /c/Users/skim/.ssh/id_rsa. Your public key has been saved in /c/Users/skim/.ssh/id_rsa.pub. The key fingerprint is: e8:ae:60:8f:38:c2:98:1d:6d:84:60:8c:9e:dd:47:81 email@example.com
At this point, it created two important files under %HOME%\.ssh : id_rsa and id_rsa.pub
C:\Users\skim>dir .ssh Volume in drive C has no label. Volume Serial Number is 4C30-D3E0 Directory of C:\Users\skim\.ssh 02/07/2010 07:43 PM <DIR> . 02/07/2010 07:43 PM <DIR> .. 02/06/2010 11:10 PM 1,675 id_rsa 02/06/2010 11:10 PM 399 id_rsa.pub 02/07/2010 07:43 PM 407 known_hosts 3 File(s) 2,481 bytes 2 Dir(s) 11,605,680,128 bytes free
The content of id_rsa.pub will be used to add a public key to your SSH public keys list on your GitHub account. This will allow you to talk to your GitHub repositories from the very computer you are using now. Make sure you have done this.
The other file, id_rsa will be used to allow access to your GitHub repositories via SSH/proxy.
Under %HOME%\.ssh, create a new file called config and add the following:
ProxyCommand C:/git/bin/connect.exe -H firstname.lastname@example.org:443 %h %p Host github.com User git Port 22 Hostname github.com IdentityFile "C:\Users\skim\\.ssh\id_rsa" TCPKeepAlive yes IdentitiesOnly yes Host ssh.github.com User git Port 443 Hostname ssh.github.com IdentityFile "C:\Users\skim\\.ssh\id_rsa" TCPKeepAlive yes IdentitiesOnly yes
Make sure to change the following in the above commands to match your environment:
Assuming _Your_Git_Path_\bin\ folder is in your PATH environment variable, try running the following command:
C:\Users\skim>ssh -F %HOME%\skim\.ssh\config github.com ERROR: Hi sl4m! You've successfully authenticated, but GitHub does not provide shell access Connection to github.com closed.
The error is expected since GitHub does not allow shell access. What is most important is that you see the “successfully authenticated” message.
Now that you’re all set, you can run git commands. It’s slightly different from the git commands you might be used to (if you’re familiar with git already). When you clone a repository, you typically invoke this command:
git clone git://github.com/rails/rails.git
But with SSH, this is how you invoke the same command:
git clone ssh://email@example.com:443/rails/rails.git
Follow the pattern and you should be able to run all git commands via SSH/proxy.