How to make git use a socks proxy for HTTP transport?
I succeed in configuring git with GIT_PROXY_COMMAND to use a socks proxy for GIT transport.
Also, I have configured my .curlrc file to defined the socks proxy and I can fetch information directly with curl command like:
curl http://git.kernel.org/pub/scm/git/git.git/info/refs?service=git-upload-pack
But how to use a socks proxy with git to retrieve data using the HTTP transport protocol like:
git clone http://git.kernel.org/pub/scm/git
I tested with Git 1.8.2 and SOCKS v5 proxy, following setting works for me:
git config --global http.proxy 'socks5://127.0.0.1:7070'
UPDATE 2017-3-31:
According to the document, despite the name http
.proxy
, it should work for both HTTP and HTTPS repository urls. Thanks @user for pointing out this.
UPDATE 2018-11-27:
To disable the proxy, run command:
git config --global --unset http.proxy
EDIT 2019-03-04:
If you also want the host name to be resolved using the proxy, use thuzhf's solution below, which uses socks5h
instead of socks5
If you do not want to set the proxy as global config, try ALL_PROXY=
e.g.:
$ ALL_PROXY=socks5://127.0.0.1:8888 git clone https://github.com/some/one.git
(Just a little reminder) If you want the hostname also be resolved by the proxy (that means passing everything through the proxy), especially when you are cloning a gist, you can use the following setting (the key is that it uses socks5h instead of socks5):
git config --global http.proxy socks5h://127.0.0.1:1080
I use the following command to clone a specific repository from socks5 proxy. The proxy settings are specified with --config
option.
$ git clone https://github.com/xxxxx --config 'http.proxy=socks5://127.0.0.1:1234'
Note: the patch here was applied to git in 2015 for version 2.4.11. Since that time you can just use socks:// urls with the http.proxy configuration settings.
For the git:// protocol we have Using Git with a SOCKS proxy. However, it appears that git does not properly support socks proxies. git itself is linked to libcurl. So the .curlrc file is not used (that is just for the curl command line client). However, the following patch provides the necessary support. With this patch applied to git we can simply set the ALL_PROXY environment variable or HTTP_PROXY or HTTPS_PROXY to socks://hostname:portnum
(or socks4/socks5) or indeed the http.proxy git config setting and libcurl will now actually use the socks protocol when using the proxy.
For example, an active trace:
$ GIT_CURL_VERBOSE=1 bin-wrappers/git -c "http.proxy=socks://localhost:1080" ls-remote http://github.com/patthoyts/tclftd2xx.git
* Couldn't find host github.com in the _netrc file; using defaults
* About to connect() to proxy localhost port 1080 (#0)
* Trying 127.0.0.1...
* connected
* SOCKS4 request granted.
* Connected to localhost (127.0.0.1) port 1080 (#0)
> GET /patthoyts/tclftd2xx.git/info/refs?service=git-upload-pack HTTP/1.1
User-Agent: git/1.8.1.msysgit.1.dirty
... and on to a successful request ...
The necessary patch:
diff --git a/http.c b/http.c
index 3b312a8..f34cc75 100644
--- a/http.c
+++ b/http.c
@@ -322,6 +322,14 @@ static CURL *get_curl_handle(void)
if (curl_http_proxy) {
curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
curl_easy_setopt(result, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
+#if LIBCURL_VERSION_NUM >= 0x071800
+ if (!strncmp("socks5", curl_http_proxy, 6))
+ curl_easy_setopt(result, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
+ else if (!strncmp("socks4a", curl_http_proxy, 7))
+ curl_easy_setopt(result, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4A);
+ else if (!strncmp("socks", curl_http_proxy, 5))
+ curl_easy_setopt(result, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4);
+#endif
}
return result;
Just in reference to @briankip and removing the http proxy setting as Yang.Y mentioned you can directly edit the ini file.
You can also do this on the command line using
git config --global --unset http.proxy
To confirm it has been removed list the current configuration using
git config --list
None of the suggested methods worked for me, so I found another approach as the following instruction:
Make a tunnel (dynamic port forwarding) over SOCKS5 protocol using ssh: ssh -ND 9994 user@YourSshServer
Install proxychains on your localhost, not the ssh server you're connected to:
Using apt-get: sudo apt-get install proxychains
Using its GitHub repository: Check Installation section on its readme file. How to set socks5 proxy on firefox
Edit your proxychains configure file: sudo nano /etc/proxychains.conf then add the following line at the end of file: socks5 127.0.0.1 9994
Now we are ready to do a git command (proxychains must be placed before the command): proxychains git push origin develop
None of the above worked for me unfortunately, however this did:
nano ~/.ssh/config
Add:
Host my-host.foo.bar.com
ProxyJump username@host.local
Where 'host.local' is a vanilla mac with 'remote login enabled' in the sharing settings. Worked for me :)
Success story sharing
~/.gitconfig
and remove[https.proxy]
and[http.proxy]
sections, its anini
file, feel free to edit it.git -c http.proxy=socks5://127.0.0.1:7070
, or something like that. Maybe you could make an aliasgitsocks
to that, which would allow to you easily call git with and without socks as desired`man 1 curl
. "Makes it the equivalent of --socks5-hostname")