The Onion Digest

Posts Tagged ‘git

First, install the OpenBSD version of netcat. If you’re on a BSD-based system, this should already be the case. If you’re using Debian, run sudo apt-get install netcat-openbsd. Users of other distributions should consult their system’s documentation and package repositories to learn how to install this package. If nc -zX5 127.0.0.1 1337 doesn’t give an error, you have the correct version.

Next, because Git isn’t able to understand a GIT_PROXY_COMMAND with arguments, we need to create a wrapper for the proxy. Put the following in ~/.torgit, and then make it executable using chmod +x ~/.torgit.

#!/bin/sh
exec nc -X5 -x 127.0.0.1:9050 "$@"

Note: If Tor is listening on a non-standard port, use that instead of 9050

Now, we need to set up Git so that it knows that we want it to use our script. Add the following to your ~/.bashrc:

export GIT_PROXY_COMMAND=~/.torgit

Warning: After you do this, you’ll need to run source ~/.bashrc every time you start a terminal until you reboot, otherwise Git won’t know you set this.

That should take care of pulling. Now to set up pushing, we’d do it just as if we were to set up SSH for proxying. First, make a public key using ssh-keygen -f ~/.ssh/tor_git_key. We’re passing a filename to make sure not to confuse this key with regular SSH keys for non-Tor sessions. Then, to make sure SSH uses our keys, put the following into ~/.ssh/config:

Host gitorious.org
User git
PreferredAuthentication publickey
Compression yes
ProxyCommand nc -X5 -x 127.0.0.1:9050 %h %p
IdentityFile ~/.ssh/tor_git_key

Note: If you’re going to be pushing to somewhere other than Gitorious, you’ll need to change the Host line accordingly.

Tags: , ,


Categories