Connect to BitBucket via proxy

Hoi,

I try to hg pull

from my private repo on Bitbucket.org

into my local repo on my Windows machine

from behind the company proxy that requires Windows authentication.

• I found the proxy server and port (Internet options of IE)

• I found the set开发者_开发技巧tings Mercurial.ini file in my %USERPROFILE%

• I added this section to it (info):

  [http_proxy]

  host = TheProxyServer : TheProxyServerPort

  user = MyWindowsLogin

  passwd = MyWindowsPassword

• This works:

C:\path\to\repo> hg pull

http authorization required

realm: Bitbucket.org HTTP

user:

after I enter the credentials of Bitbucket, I get:

searching for changes

no changes found

But writing down the password in Mercurial.ini is obviously a major security issue (besides having to update this file each month because of our password policies).

Is it somehow possible to let Mercurial ask for the proxy credentials?

Or store these credentials in a more secure way?

Edit:

I tried with the same settings and SSH, but I got this:

C:\path\to\repo> hg clone ssh://hg@bitbucket.org/ME/repo/

running ""C:\Program Files\TortoiseHg\TortoisePlink.exe" -ssh -2 hg@bitbucket.org "hg -R ME/repo/ serve --stdio"

abort: no suitable response from remote hg!

And a dialog : "PuTTY Fatal Error - Network error: Connection timed out"

Edit2:

This question came up because Subversion handles this situation correctly:

In the Subversion servers file I specify the proxy host and port too, and Subversion automagically sends my windows authentication to it. I don't have to enter nor write down my credentials anywhere when checking out source from the web via the proxy using e.g.

C:\workingdir> svn checkout http://okarito.googlecode.com/svn/trunk/ okarito-read-only

... Checked out revision 5.

Thanks in advance!

Jan

Another alternative is to run a local http proxy which then authenticates with your companies http proxy. You can run cntlm under Cygwin and safely store an NTLMv2 hash in the cntlm conf file. You then set you http proxy to be localhost:3128, and don't specify a username or password.

My other suggestion is to use TortoiseHg. This will store your proxy information, but I'm not sure if it's stored securely.

You can use the --config option to hg as this allows you override configuration settings from the command line. The syntax is --config <section>.<name>=<value>, so try this:

hg --config http_proxy.passwd=YourWindowsPassword pull

This will leave your password in your command history but this is probably better than in the Mercurial.ini file.