If your network administrator has blocked (using a proxy or firewall) any outgoing ssh connection (port 22) and you can't pull, clone, push,… from a remote repository you can fix it by using the https protocol.
Note: The repo must be accesible via https.
Add the following lines to your ~/.gitconfig file
[http] proxy = http://user:pwd@proxy-url:proxy-port # Useful if your proxy only allows known user agent useragent = Mozilla/4.0 # Uncomment bellow line if your Repo provider provides # a non root certificate for example a self generated # certificate but be cautios your source must be a # trusted source # sslVerify = false # This save your Repo credentials on ~/.git-credentials # and avoid to type them over and over [credential] helper = store
If some of your repositories don't need proxy, for example your organization repositories that are hosted on the WAN servers, would be enough set the proxy variable to an empty value.
1) Create the DIR that will contain the repo
$ mkdir sysadmin
2) Change to the sysadmin DIR
$ cd sysadmin
3) Initialize the repo
$ git init .
4) Add the origin
$ git remote add origin https://github.com/yoander/sysadmin.git
5) Edit .git/config configuration file
$ vim .git/config
6) Should be similar to
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/yoander/sysadmin.git fetch = +refs/heads/*:refs/remotes/origin/* proxy =
Also is possible to have a specific proxy configuration for each repo, the previous configuration would be:
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/yoander/sysadmin.git fetch = +refs/heads/*:refs/remotes/origin/* proxy = http://user:pwd@proxy-url:proxy-port
Note the value of the proxy variable in the 2 above examples.
* man git-config
2 thoughts on “Git behind a proxy or firewall”
You can also fix it by ssh tunneling over a port that’s permitted. Just set up a pass through ssh endpoint on diverging like a digital ocean droplet.
When I saw this title I took it for an admonition or piece of advice, as in, “If y’all wanna be secure, better git behind a proxy or firewall”.