Oct 19, 2016
This worked for awhile, until it stopped working :(. I think my company must've added Dropbox to a blacklist or something.
seen from United States
seen from United States
seen from United States
seen from Netherlands
seen from United States
seen from United States
seen from United States
seen from United States
seen from Netherlands
seen from Hong Kong SAR China
seen from China
seen from Yemen
seen from China
seen from Germany
seen from Germany
seen from Kyrgyzstan
seen from United States
seen from Türkiye
seen from United States
seen from United States
This worked for awhile, until it stopped working :(. I think my company must've added Dropbox to a blacklist or something.
Hi all, I was finally able to get Bitbucket/Git SSH working through our restrictive corporate proxy. Here's how (YMMV):
Install CNTLM. Confirm that it's working properly by successfully connecting to Dropbox. If your proxy already allows you to connect to Dropbox, then you can skip this step (and change the host:port accordingly in steps 3 and 4).
Ensure the ssh-agent is installed and running properly in your Git shell by executing ssh-add -l. Your id_rsa identity should be returned.
Add this to ~/.gitconfig:
[http] proxy = http://127.0.0.1:3128
Add this to ~/.ssh/config:
Host * ProxyCommand /bin/connect -H 127.0.0.1:3128 %h %p Host bitbucket.org HostName altssh.bitbucket.org IdentityFile ~/.ssh/id_rsa Port 443
Try ssh -T [email protected] -vv. If you get a cmd.exe: No such file or directory error, then you'll need to add this to your ~/.bashrc (or ~/.bash_profile):
export SHELL=/bin/sh
That should do the trick. Now ssh -T [email protected] ends with this:
You can use git or hg to connect to Bitbucket. Shell access is disabled.
A very good message, indeed :-).
CNTLM - Self Service Proxy
At work today before I left, the Lead Operator noted to me a handy package called cntlm, which is apparently a way to create a local proxy on the box, according to an internal proxy inside of your enterprise network.
This is handy, because you can route all of your browsers, services, etc, through this proxy instead of having to use http_proxy or leaving it in a yum.conf or other places. This has made my
Check it out.
% yum install cntlm
What I did is I set it up like so...
## I set my user and domain, with password. ## It is NOT recommended for it be in clear text, ## the conf tells you what to do in that case. Username zeranalika Domain clockcorp Password this_is_my_pass ## I set my proxies by IP. You can use hostname. proxy 10.100.0.1:8080 proxy 10.100.0.2.8080 ## I left this default. Listen 3128 ## This is for what domains or IP's that the proxy should be ignored NoProxy localhost, 127.0.0.*, 10.*, *.angelsofclockwork.net, *.bromosapien.net
After that, I saved the file, started it up and tried out yum.
[root@syan ~]# vi /etc/yum.conf . . . proxy=http://localhost:3128 [root@syan ~]# systemctl start cntlm
[root@syan ~]# yum update -y Loaded plugins: langpacks fedora/21/x86_64/metalink | 14 kB 00:00:00 fedora | 3.8 kB 00:00:00 updates/21/x86_64/metalink | 16 kB 00:00:00 updates | 4.9 kB 00:00:00 (1/4): fedora/21/x86_64/group_gz | 232 kB 00:00:00 (2/4): updates/21/x86_64/group_gz | 405 kB 00:00:00 (3/4): updates/21/x86_64/primary_db | 2.6 MB 00:00:00 (4/4): fedora/21/x86_64/primary_db | 17 MB 00:00:05 (1/2): updates/21/x86_64/updateinfo | 273 kB 00:00:00 (2/2): updates/21/x86_64/pkgtags | 1.3 MB 00:00:00
Success!
Using GitHub Behind a Proxy (Windows)
Using GitHub Behind a Proxy (Windows)
At work I am connected to the internet through a proxy. The proxy prevented me from connecting to repositories on GitHub because authentication isn’t handled properly. A co-worker recommended using the CTNLM proxy (http://cntlm.sourceforge.net/) to handle the authentication.
CNTLM works well, but he said he was having a problem with slow connections. He said he found an issue where the proxy…
View On WordPress
Using vagrant with cntlm proxy
cntlm is a great tool to get around those nasty corporate firewalls.
To use the proxy cntlm generates in vagrant all you have to do is enable vagrant-proxyconf:
vagrant plugin install vagrant-proxyconf
and then add the proxy to your Vagrantfile
Vagrant.configure("2") do |config| if Vagrant.has_plugin?("vagrant-proxyconf") config.env_proxy.http = "http://10.0.2.2:3128" config.env_proxy.https = "http://10.0.2.2:3128" config.proxy.http = "http://10.0.2.2:3128" config.proxy.https = "http://10.0.2.2:3128" config.proxy.no_proxy = "localhost,127.0.0.1" end # ... other stuff end
The trick here is to use 10.0.2.2 for the proxy configuration. You cannot use localhost because localhost is the vagrant machine and not the host machine.
building cntlm from subversion using macports
I recently submitted a bug report to cntlm, who fixed the problem in SVN.
New problem: building it in macports from subversion. (Why do it the easy way?)
(Update: when run as a system service on Lion, it crashes. I suspect this is due to sandboxing in Lion, because it works fine as long as you don't let it open its conf file).
Instructions
Install and configure macports. Note that selfupdate doesn't work from svn.
Create a local repository:
mkdir -p ~/ports/net/cntlm/files
Copy the Portfile and patch to the repository (contents below):
cp /path/to/Portfile ~/ports/net/cntlm cp /path/to/patch-trunk-Makefile.diff ~/ports/net/cntlm/files
Configure the local repository. Add the following line to /opt/local/etc/macports/sources.conf, then sync the repository:
file:///Users/localadmin/ports
sudo port -d sync
Install cntlm:
sudo port -v install cntlm
Portfile
# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4 # $Id$ PortSystem 1.0 name cntlm version HEAD license gpl categories net platforms darwin maintainers xs4all.nl:hbruinsma homepage http://cntlm.sourceforge.net/ description Cntlm is an NTLM / NTLM Session Response / NTLMv2 authenticating HTTP proxy svn.url https://cntlm.svn.sourceforge.net/svnroot/cntlm/cntlm/trunk svn.revision HEAD fetch.type svn worksrcdir trunk patchfiles patch-trunk-Makefile.diff depends_lib port:coreutils build.target {} build.args SYSCONFDIR=/opt/local/etc BINDIR=/opt/local/sbin \ MANDIR=/opt/local/man destroot.args SYSCONFDIR=/opt/local/etc BINDIR=/opt/local/sbin \ MANDIR=/opt/local/man startupitem.create yes startupitem.name cntlm startupitem.executable "${prefix}/sbin/cntlm"
patch-trunk-Makefile.diff
-- Makefile 2011-10-14 19:45:26.000000000 +0800 +++ Makefile.old 2011-12-06 17:11:08.000000000 +0800 @@ -44,10 +44,10 @@ install -M 644 -f $(MANDIR)/man1 doc/$(NAME).1; \ install -M 600 -c $(SYSCONFDIR) doc/$(NAME).conf; \ else \ - install -D -m 755 -s $(NAME) $(BINDIR)/$(NAME); \ - install -D -m 644 doc/$(NAME).1 $(MANDIR)/man1/$(NAME).1; \ + install -m 755 -s $(NAME) $(BINDIR)/$(NAME); \ + install -m 644 doc/$(NAME).1 $(MANDIR)/man1/$(NAME).1; \ [ -f $(SYSCONFDIR)/$(NAME).conf -o -z "$(SYSCONFDIR)" ] \ - || install -D -m 600 doc/$(NAME).conf $(SYSCONFDIR)/$(NAME).conf; \ + || install -m 600 doc/$(NAME).conf $(SYSCONFDIR)/$(NAME).conf; \ fi @echo; echo "Cntlm will look for configuration in $(SYSCONFDIR)/$(NAME).conf"
Note that macports does not recommend building from subversion, since the results will not be reproducible. However, for testing, it should work fine.