The Way of Getting Github.com Access Through Our Own HTTP Proxy
Since yesterday afternoon, we found that the access to github.com suddenly lost, through some un-official source, we think it’s due to the GFW. Now we tested a solution to get the github.com access back with our own HTTP proxy.
First please install the ncat/socat tool, with
-
pacman -S/yum|apt|brew|choco install nmap-ncat/ncat/nmap -
pacman -S/yum|apt|brew install socat
Then put the following configuration into the file ~/.ssh/config(if there is no the file, you should create it by hand.):
Host github.com
Hostname github.com
ServerAliveInterval 55
ForwardAgent yes
ProxyCommand /usr/bin/ncat --proxy 192.168.30.51:3128 %h %p
# ProxyCommand /usr/bin/socat - PROXY:192.168.30.51:%h:%p,proxyport=3128
# ProxyCommand /usr/bin/nc -X 5 -x 127.0.0.1:10080 %h %p
netcat(或nc) 支持的代理协议:4(SOCKS v.4)、5(SOCKS v.5) 与connect(HTTPS proxy)。参见:man netcat。
Settings under OS/Windows
Under M$ Windows OS, It's a little bit different with GNU/Linux. We need install the Chocolate package manager for Windows within an administrative Powershell window.
PS C:\Windows\system32> Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
Then, install the nmap package with choco.exe:
PS C:\Windows\system32> choco install nmap
We need install the Git-SCM for Windows to the git and Minimalist GNU for Windows, MinGW environment. After Git-SCM for Windows installed, we can now launch a Git Bash window, from right clicking the Windows Start button. From the Git Bash window, we can find the newly install ncat command location with which ncat, which returns the following output:
$ which ncat
/c/Program Files (x86)/Nmap/ncat
So, the ~/.ssh/config file should contain the following content now:
Host github.com
Hostname github.com
ServerAliveInterval 55
ForwardAgent yes
ProxyCommand "/c/Program Files (x86)/Nmap/ncat" --proxy 192.168.30.51:3128 %h %p
# ProxyCommand /usr/bin/socat - PROXY:192.168.30.51:%h:%p,proxyport=3128
# ProxyCommand /usr/bin/nc -X 5 -x 127.0.0.1:10080 %h %p
As the same with GNU/Linux OS,we should generate the SSH keys with ssh-keygen -t rsa, and put the ~/.ssh/id_rsa.pub file content into the GitHub SSH keys。
Now you get the github.com SSH traffic proxied under Windows OS platform!
Note:in the last
ProxyCommandstatement, the-X 5stands for SOCKS version 5, and the-xpresents using the SOCKS proxy. Source: How can I use SSH with a SOCKS 5 proxy?
If any question, please feel free to contact Ryan or me.
Git HTTP Proxy Settings
To make git http traffic(only for github.com) proxied, run the following commands:
$ git config --global http.https://github.com.proxy http://192.168.30.51:3128
Or for the socks5 proxy:
$ git config --global http.https://github.com.proxy socks5://127.0.0.1:10080
It will modify the file ~/.gitconfig like this:
$ cat ~/.gitconfig lennyp@vm-manjaro
[user]
email = lenny.peng@xfoss.com
name = Lenny Peng
[pull]
rebase = false
[core]
compression = 0
[http]
postBuffer = 1048576000
maxRequestBuffer = 100M
[http "https://github.com"]
proxy = http://192.168.30.51:3128
使用 git 命令时使用指定的 SSH 私钥
修改 ~/.ssh/config 文件,使其形如下面这样:
cat ~/.ssh/config
Host github-work
HostName github.com
IdentityFile ~/.ssh/id_rsa_work
Host github-personal
HostName github.com
IdentityFile ~/.ssh/id_rsa_personal
然后这样运行 git 命令:
git clone git@github-work:corporateA/webapp.git
就会使用 ~/.ssh/id_rsa_work 的私钥,而运行下面的 git 命令:
git clone git@github-personal:bob/blog.git
则会使用 ~/.ssh/id_rsa_personal 的私钥。
curl 永久代理
参考 Set Up cURL to Permanently Use a Proxy
由于许多软件项目在构建时,都会使用 Curl 下载依赖项,因此就要想办法配置 Curl 使用代理,简单的做法是创建一个 ~/.curlrc 文件,将代理写入到这个文件中:
proxy=socks5h://localhost:10080
OpenWRT 设置
主要使用 autossh、polipo 与 Web 代理自动发现,Web Proxy Auto-Discovery 协议。
-
autossh用于从 SSH 隧道,建立 SOCKS5 端口。安装autossh后,会建立/etc/init.d/autossh服务,和/etc/conf/autossh配置文件。 -
polipo用于将 SOCKS5 代理,转换为 HTTP 代理。 -
WPAD 通过
dnsmasq的 DHCP 服务器通告选项list dhcp_option '252,http://example.com/proxy.pac'将
autoproxy.pac文件提供给联网设备。
参考链接: