HTTP Password

Some environments do not permit you to use SSH to connect across a firewall. If you cannot use SSH, but you can connect to the server with smart HTTP, you can generate a password here, and then access your Git repositories with a URL constructed with ...p/<repository>.

Note: GitCentric supports only Git smart HTTP not so-called dumb HTTP. Smart HTTP is documented on several Git-related sites.

The syntax to clone a repository with smart HTTP is:

git clone http://<username>:<password>@<host>:<port>/p/<repository>


git clone http://testuser:PaoYhDp8BFoA@localhost:8100/p/TestProj2

Once you have cloned, you can pull/push over HTTP just like you can over SSH.

Avoiding Password Entry

Generated passwords can be difficult to memorize, and providing one each time you connect using HTTP can be a nuisance. Fortunately, Git provides a number of mechanisms to help deal with this.

First, you can create a .netrc file in your home directory (“_netrc” if you are using msysgit on Microsoft Windows). For example:

machine localhost
login testuser
password PaoYhDp8BfoA

The .netrc file lets you keep the <username>:<password> out of the URL for enhanced security, but it is still stored as plain text.

A more secure approach, if you are using Git 1.7.9 and later, is to use Git’s credential helper, which tells Git to store your password in cache for 15 minutes:

git config --global credential.helper cache

You can increase the timeout by specifying the desired limit in seconds. This example shows the timeout set to 30 minutes:

git config --global credential.helper "cache --timeout=1800"

Use --unset to revert to specifying the password manually:

git config --unset credential.helper

For more information, see Generate an HTTP Password.