Hoi,
I try to hg pull
from my private repo on Bitbucket.org into my local repo on my Windows machine from behind the company proxy that requires Windows authentication.I found the proxy server and port (Internet options of IE)
I found the set开发者_开发技巧tings
Mercurial.ini
file in my%USERPROFILE%
I added this section to it (info):
[http_proxy]
host =TheProxyServer
:TheProxyServerPort
user =MyWindowsLogin
passwd =MyWindowsPassword
This works:
C:\path\to\repo> hg pull
http authorization required realm: Bitbucket.org HTTP user:
after I enter the credentials of Bitbucket, I get:
searching for changes
no changes found
But writing down the password in Mercurial.ini
is obviously a major security issue (besides having to update this file each month because of our password policies).
Is it somehow possible to let Mercurial ask for the proxy credentials?
Or store these credentials in a more secure way?Edit:
I tried with the same settings and SSH, but I got this:
C:\path\to\repo> hg clone ssh://hg@bitbucket.org/ME/repo/
running ""C:\Program Files\TortoiseHg\TortoisePlink.exe" -ssh -2 hg@bitbucket.org "hg -R ME/repo/ serve --stdio"abort: no suitable response from remote hg!
And a dialog : "PuTTY Fatal Error - Network error: Connection timed out"
Edit2:
This question came up because Subversion handles this situation correctly:
In the Subversion servers
file I specify the proxy host and port too, and Subversion automagically sends my windows authentication to it. I don't have to enter nor write down my credentials anywhere when checking out source from the web via the proxy using e.g.
C:\workingdir> svn checkout http://okarito.googlecode.com/svn/trunk/ okarito-read-only
... Checked out revision 5.
Thanks in advance!
JanAnother alternative is to run a local http proxy which then authenticates with your companies http proxy. You can run cntlm under Cygwin and safely store an NTLMv2 hash in the cntlm conf file. You then set you http proxy to be localhost:3128, and don't specify a username or password.
My other suggestion is to use TortoiseHg. This will store your proxy information, but I'm not sure if it's stored securely.
You can use the --config
option to hg
as this allows you override configuration settings from the command line. The syntax is --config <section>.<name>=<value>
, so try this:
hg --config http_proxy.passwd=YourWindowsPassword pull
This will leave your password in your command history but this is probably better than in the Mercurial.ini
file.
精彩评论