Is it possible to use a .netrc file on Windows when I'm using Git to clone a remote repository with HTTP and user - password?
ベストアンサー1
Is it possible to use a
.netrcfile on Windows?
Yes: You must:
- define environment variable
%HOME%(pre-Git 2.0, no longer needed with Git 2.0+) - put a
_netrcfile in%HOME%
If you are using Windows 7/10, in a CMD session, type:
setx HOME %USERPROFILE%
and the %HOME% will be set to 'C:\Users\"username"'.
Go that that folder (cd %HOME%) and make a file called '_netrc'
Note: Again, for Windows, you need a '_netrc' file, not a '.netrc' file.
Its content is quite standard (Replace the <examples> with your values):
machine <hostname1>
login <login1>
password <password1>
machine <hostname2>
login <login2>
password <password2>
Luke mentions in the comments:
Using the latest version of msysgit on Windows 7, I did not need to set the
HOMEenvironment variable. The_netrcfile alone did the trick.
This is indeed what I mentioned in "Trying to “install” github, .ssh dir not there":
git-cmd.bat included in msysgit does set the %HOME% environment variable:
@if not exist "%HOME%" @set HOME=%HOMEDRIVE%%HOMEPATH%
@if not exist "%HOME%" @set HOME=%USERPROFILE%
爱国者 believes in the comments that "it seems that it won't work for http protocol"
However, I answered that netrc is used by curl, and works for HTTP protocol, as shown in this example (look for 'netrc' in the page): . Also used with HTTP protocol here: "_netrc/.netrc alternative to cURL".
A common trap with with netrc support on Windows is that git will bypass using it if an origin https url specifies a user name.
For example, if your .git/config file contains:
[remote "origin"]
fetch = +refs/heads/*:refs/remotes/origin/*
url = https://[email protected]/p/my-project/
Git will not resolve your credentials via _netrc, to fix this remove your username, like so:
[remote "origin"]
fetch = +refs/heads/*:refs/remotes/origin/*
url = https://code.google.com/p/my-project/
Alternative solution: With git version 1.7.9+ (January 2012): This answer from Mark Longair details the credential cache mechanism which also allows you to not store your password in plain text as shown below.
With Git 1.8.3 (April 2013):
You now can use an encrypted .netrc (with gpg).
On Windows: %HOME%/_netrc (_, not '.')
A new read-only credential helper (in
contrib/) to interact with the.netrc/.authinfofiles has been added.
That script would allow you to use gpg-encrypted netrc files, avoiding the issue of having your credentials stored in a plain text file.
Files with the
.gpgextension will be decrypted by GPG before parsing.
Multiple-farguments are OK. They are processed in order, and the first matching entry found is returned via the credential helper protocol.When no
-foption is given,.authinfo.gpg,.netrc.gpg,.authinfo, and.netrcfiles in your home directory are used in this order.
To enable this credential helper:
git config credential.helper '$shortname -f AUTHFILE1 -f AUTHFILE2'
(Note that Git will prepend "
git-credential-" to the helper name and look for it in the path.)
# and if you want lots of debugging info:
git config credential.helper '$shortname -f AUTHFILE -d'
#or to see the files opened and data found:
git config credential.helper '$shortname -f AUTHFILE -v'
See a full example at "Is there a way to skip password typing when using https:// github"
With Git 2.18+ (June 2018), you now can customize the GPG program used to decrypt the encrypted .netrc file.
See commit 786ef50, commit f07eeed (12 May 2018) by Luis Marsano (``).
(Merged by Junio C Hamano -- gitster -- in commit 017b7c5, 30 May 2018)
git-credential-netrc: acceptgpgoption
git-credential-netrcwas hardcoded to decrypt with 'gpg' regardless of the gpg.program option.
This is a problem on distributions like Debian that call modern GnuPG something else, like 'gpg2'