¿Qué datos de identificación personal envía la línea de comandos que Git envía?

Question

¿Qué datos de identificación personal envía la línea de comandos que Git envía?

#1 de grochmal (4 votos)

3

¿Qué datos de identificación (como el nombre de host) realiza la línea de comandos que Git envía cuando:

clonación
cometer / empujar

Espero que los datos de configuración de git (correo electrónico especificado y nombre completo) se envíen al cometer / empujar. ¿Git envía cualquier otra cosa y / o al clonar ?

privacy anonymity git

pregunta Samuel Shifterovich 16.10.2016 - 19:49

fuente

1 respuesta

Lea otras preguntas en las etiquetas privacy anonymity git

¿Se puede usar la información de la tarjeta de crédito caducada para el fraude? Compartir red con un vecino

score 4 · Accepted Answer

Esto es realmente fácil de probar. GIT usa CURL para las operaciones de clonación y inserción / extracción, y usa una variable de entorno que hará que nos diga todo lo que está haciendo, así que primero hagámoslo:

export GIT_TRACE_CURL=1

(Esa es la forma * * de hacerlo, pero funciona en el shell de git que también viene en Windows)

El único problema con esa configuración es que casi todos los repositorios públicos gratuitos de git (github, bitbucket, gitlab) requieren que uses HTTPS, lo cual es un poco difícil de depurar. Para evitar un proxy adicional, simplemente creé mi propio servidor git en localhost (eso no es nada difícil, incluso la documentación oficial de git tiene ejemplos de hacerlo ).

git clone

He clonado un repositorio al que llamo rc y obtuve el siguiente resultado (gracias a la variable exportada arriba):

git clone http://localhost/git/rc > log 2>&1

El contenido del registro es:

Cloning into 'rc'...
21:30:48.175889 http.c:558              == Info: Couldn't find host localhost in the .netrc file; using defaults
21:30:48.177516 http.c:558              == Info:   Trying ::1...
21:30:48.177542 http.c:558              == Info: TCP_NODELAY set
21:30:48.177698 http.c:558              == Info: connect to ::1 port 80 failed: Connection refused
21:30:48.177722 http.c:558              == Info:   Trying 127.0.0.1...
21:30:48.177732 http.c:558              == Info: TCP_NODELAY set
21:30:48.178015 http.c:558              == Info: Connected to localhost (127.0.0.1) port 80 (#0)
21:30:48.178266 http.c:505              => Send header, 0000000186 bytes (0x000000ba)
21:30:48.178316 http.c:517              => Send header: GET /git/rc/info/refs?service=git-upload-pack HTTP/1.1
21:30:48.178327 http.c:517              => Send header: Host: localhost
21:30:48.178335 http.c:517              => Send header: User-Agent: git/2.10.0
21:30:48.178342 http.c:517              => Send header: Accept: */*
21:30:48.178349 http.c:517              => Send header: Accept-Encoding: gzip
21:30:48.178356 http.c:517              => Send header: Accept-Language: en-GB, *;q=0.9
21:30:48.178364 http.c:517              => Send header: Pragma: no-cache
21:30:48.178371 http.c:517              => Send header:
21:30:48.196881 http.c:505              <= Recv header, 0000000017 bytes (0x00000011)
21:30:48.196914 http.c:517              <= Recv header: HTTP/1.1 200 OK
21:30:48.196928 http.c:505              <= Recv header, 0000000022 bytes (0x00000016)
21:30:48.196936 http.c:517              <= Recv header: Server: nginx/1.10.1
21:30:48.196946 http.c:505              <= Recv header, 0000000037 bytes (0x00000025)
21:30:48.196954 http.c:517              <= Recv header: Date: Sun, 16 Oct 2016 20:30:48 GMT
21:30:48.196964 http.c:505              <= Recv header, 0000000059 bytes (0x0000003b)
21:30:48.196972 http.c:517              <= Recv header: Content-Type: application/x-git-upload-pack-advertisement
21:30:48.196982 http.c:505              <= Recv header, 0000000028 bytes (0x0000001c)
21:30:48.196990 http.c:517              <= Recv header: Transfer-Encoding: chunked
21:30:48.197000 http.c:505              <= Recv header, 0000000024 bytes (0x00000018)
21:30:48.197008 http.c:517              <= Recv header: Connection: keep-alive
21:30:48.197016 http.c:505              <= Recv header, 0000000040 bytes (0x00000028)
21:30:48.197024 http.c:517              <= Recv header: Expires: Fri, 01 Jan 1980 00:00:00 GMT
21:30:48.197033 http.c:505              <= Recv header, 0000000018 bytes (0x00000012)
21:30:48.197041 http.c:517              <= Recv header: Pragma: no-cache
21:30:48.197050 http.c:505              <= Recv header, 0000000053 bytes (0x00000035)
21:30:48.197057 http.c:517              <= Recv header: Cache-Control: no-cache, max-age=0, must-revalidate
21:30:48.197067 http.c:505              <= Recv header, 0000000002 bytes (0x00000002)
21:30:48.197075 http.c:517              <= Recv header:
21:30:48.197085 http.c:531              <= Recv data, 0000000323 bytes (0x00000143)
21:30:48.197093 http.c:546              <= Recv data: 137..001e# service=git-upload-pack.000000d2af75078c1b6bb5ff6
21:30:48.197100 http.c:546              <= Recv data: 30e0acf2f9e94d934a025aa HEAD.multi_ack thin-pack side-band s
21:30:48.197108 http.c:546              <= Recv data: ide-band-64k ofs-delta shallow no-progress include-tag multi
21:30:48.197115 http.c:546              <= Recv data: _ack_detailed no-done symref=HEAD:refs/heads/master agent=gi
21:30:48.197123 http.c:546              <= Recv data: t/2.10.0.003faf75078c1b6bb5ff630e0acf2f9e94d934a025aa refs/h
21:30:48.197130 http.c:546              <= Recv data: eads/master.0000..0....
21:30:48.197166 http.c:558              == Info: Curl_http_done: called premature == 0
21:30:48.197182 http.c:558              == Info: Connection #0 to host localhost left intact
21:30:48.207536 http.c:558              == Info: Couldn't find host localhost in the .netrc file; using defaults
21:30:48.207600 http.c:558              == Info: Found bundle for host localhost: 0x1c7db00 [can pipeline]
21:30:48.207650 http.c:558              == Info: Re-using existing connection! (#0) with host localhost
21:30:48.207677 http.c:558              == Info: Connected to localhost (127.0.0.1) port 80 (#0)
21:30:48.216731 http.c:505              => Send header, 0000000225 bytes (0x000000e1)
21:30:48.216789 http.c:517              => Send header: POST /git/rc/git-upload-pack HTTP/1.1
21:30:48.216798 http.c:517              => Send header: Host: localhost
21:30:48.216805 http.c:517              => Send header: User-Agent: git/2.10.0
21:30:48.216813 http.c:517              => Send header: Accept-Encoding: gzip
21:30:48.216820 http.c:517              => Send header: Content-Type: application/x-git-upload-pack-request
21:30:48.216827 http.c:517              => Send header: Accept: application/x-git-upload-pack-result
21:30:48.216835 http.c:517              => Send header: Content-Length: 153
21:30:48.216841 http.c:517              => Send header:
21:30:48.216853 http.c:531              => Send data, 0000000153 bytes (0x00000099)
21:30:48.216861 http.c:546              => Send data: 008cwant af75078c1b6bb5ff630e0acf2f9e94d934a025aa multi_ack_
21:30:48.216868 http.c:546              => Send data: detailed no-done side-band-64k thin-pack no-progress ofs-del
21:30:48.216876 http.c:546              => Send data: ta agent=git/2.10.0.00000009done.
21:30:48.216899 http.c:558              == Info: upload completely sent off: 153 out of 153 bytes
21:30:48.235637 http.c:505              <= Recv header, 0000000017 bytes (0x00000011)
21:30:48.235702 http.c:517              <= Recv header: HTTP/1.1 200 OK
21:30:48.235719 http.c:505              <= Recv header, 0000000022 bytes (0x00000016)
21:30:48.235726 http.c:517              <= Recv header: Server: nginx/1.10.1
21:30:48.235736 http.c:505              <= Recv header, 0000000037 bytes (0x00000025)
21:30:48.235745 http.c:517              <= Recv header: Date: Sun, 16 Oct 2016 20:30:48 GMT
21:30:48.235755 http.c:505              <= Recv header, 0000000052 bytes (0x00000034)
21:30:48.235763 http.c:517              <= Recv header: Content-Type: application/x-git-upload-pack-result
21:30:48.235774 http.c:505              <= Recv header, 0000000028 bytes (0x0000001c)
21:30:48.235781 http.c:517              <= Recv header: Transfer-Encoding: chunked
21:30:48.235791 http.c:505              <= Recv header, 0000000024 bytes (0x00000018)
21:30:48.235799 http.c:517              <= Recv header: Connection: keep-alive
21:30:48.235808 http.c:505              <= Recv header, 0000000040 bytes (0x00000028)
21:30:48.235817 http.c:517              <= Recv header: Expires: Fri, 01 Jan 1980 00:00:00 GMT
21:30:48.235826 http.c:505              <= Recv header, 0000000018 bytes (0x00000012)
21:30:48.235833 http.c:517              <= Recv header: Pragma: no-cache
21:30:48.235843 http.c:505              <= Recv header, 0000000053 bytes (0x00000035)
21:30:48.235850 http.c:517              <= Recv header: Cache-Control: no-cache, max-age=0, must-revalidate
21:30:48.235861 http.c:505              <= Recv header, 0000000002 bytes (0x00000002)
21:30:48.235869 http.c:517              <= Recv header:
21:30:48.235879 http.c:531              <= Recv data, 0000008027 bytes (0x00001f5b)
21:30:48.235888 http.c:546              <= Recv data: 1f53..0008NAK.2004.PACK..........x...I..0...zE............#

#### And the rest is simply gzipped repo files

La parte interesante de toda esa salida es que podemos ver que GIT está realizando un HTTP GET y un HTTP POST para lograr la operación de clonación:

GET /git/rc/info/refs?service=git-upload-pack HTTP/1.1
Host: localhost
User-Agent: git/2.10.0
Accept: */*
Accept-Encoding: gzip
Accept-Language: en-GB, *;q=0.9
Pragma: no-cache

POST /git/rc/git-upload-pack HTTP/1.1
Host: localhost
User-Agent: git/2.10.0
Accept-Encoding: gzip
Content-Type: application/x-git-upload-pack-request
Accept: application/x-git-upload-pack-result
Content-Length: 153

008cwant af75078c1b6bb5ff630e0acf2f9e94d934a025aa multi_ack_
detailed no-done side-band-64k thin-pack no-progress ofs-del
ta agent=git/2.10.0.00000009done.

Nada particularmente preocupante aquí. Esa cadena hexagonal proviene de lo que GIT obtuvo en el cuerpo devuelto por GET, y también lo son todas las otras opciones.

git commit

Bueno, esta es una operación local. Nada se transfiere a través de la red aquí.

Aún así, la operación de confirmación envía algunos datos (objetos GIT) al repositorio (directorio .git ) que se sincroniza con todas las demás copias del repositorio con operaciones de inserción / extracción. Vea las notas adicionales al final de algunos archivos en la confirmación que son relevantes para la divulgación de información.

git push

Aquí las cosas son un poco diferentes. Solo probé esto hasta el punto en que vi el inicio del PUT (en el lado del servidor) pero nos da una buena información.

Cambié un archivo, lo agregué, confirmé, y ahora lo voy a devolver al origen. Configuré use.name y user.email para asegurar que aparezcan en los registros (ver más abajo):

$ git config user.name grochmal
$ git config user.email [email protected]
$ git commit -m 'yay'
$ git push origin master > log2 2>&1
Username for 'http://localhost': grochmal
Password for 'http://grochmal@localhost':

Para que GIT me permita presionar HTTP, necesitaba configurar la autenticación básica en el servidor, ya que (de forma predeterminada) solo permite una inserción si el servidor realiza la autenticación. De todos modos, la salida:

21:53:54.779437 http.c:558              == Info: Couldn't find host localhost in the .netrc file; using defaults
21:53:54.781338 http.c:558              == Info:   Trying ::1...
21:53:54.781423 http.c:558              == Info: TCP_NODELAY set
21:53:54.781618 http.c:558              == Info: connect to ::1 port 80 failed: Connection refused
21:53:54.781643 http.c:558              == Info:   Trying 127.0.0.1...
21:53:54.781654 http.c:558              == Info: TCP_NODELAY set
21:53:54.781851 http.c:558              == Info: Connected to localhost (127.0.0.1) port 80 (#0)
21:53:54.781998 http.c:505              => Send header, 0000000187 bytes (0x000000bb)
21:53:54.782028 http.c:517              => Send header: GET /git/rc/info/refs?service=git-receive-pack HTTP/1.1
21:53:54.782038 http.c:517              => Send header: Host: localhost
21:53:54.782047 http.c:517              => Send header: User-Agent: git/2.10.0
21:53:54.782056 http.c:517              => Send header: Accept: */*
21:53:54.782065 http.c:517              => Send header: Accept-Encoding: gzip
21:53:54.782073 http.c:517              => Send header: Accept-Language: en-GB, *;q=0.9
21:53:54.782082 http.c:517              => Send header: Pragma: no-cache
21:53:54.782090 http.c:517              => Send header:
21:53:54.782555 http.c:505              <= Recv header, 0000000027 bytes (0x0000001b)
21:53:54.782569 http.c:517              <= Recv header: HTTP/1.1 401 Unauthorized
21:53:54.782586 http.c:505              <= Recv header, 0000000022 bytes (0x00000016)
21:53:54.782595 http.c:517              <= Recv header: Server: nginx/1.10.1
21:53:54.782605 http.c:505              <= Recv header, 0000000037 bytes (0x00000025)
21:53:54.782613 http.c:517              <= Recv header: Date: Sun, 16 Oct 2016 20:53:54 GMT
21:53:54.782623 http.c:505              <= Recv header, 0000000025 bytes (0x00000019)
21:53:54.782632 http.c:517              <= Recv header: Content-Type: text/html
21:53:54.782645 http.c:505              <= Recv header, 0000000021 bytes (0x00000015)
21:53:54.782654 http.c:517              <= Recv header: Content-Length: 195
21:53:54.782664 http.c:505              <= Recv header, 0000000024 bytes (0x00000018)
21:53:54.782673 http.c:517              <= Recv header: Connection: keep-alive
21:53:54.782685 http.c:505              <= Recv header, 0000000044 bytes (0x0000002c)
21:53:54.782693 http.c:517              <= Recv header: WWW-Authenticate: Basic realm="Restricted"
21:53:54.782704 http.c:505              <= Recv header, 0000000002 bytes (0x00000002)
21:53:54.782713 http.c:517              <= Recv header:
21:53:54.782723 http.c:531              <= Recv data, 0000000195 bytes (0x000000c3)
21:53:54.782732 http.c:546              <= Recv data: <html>..<head><title>401 Authorization Required</title></hea
21:53:54.782740 http.c:546              <= Recv data: d>..<body bgcolor="white">..<center><h1>401 Authorization Re
21:53:54.782748 http.c:546              <= Recv data: quired</h1></center>..<hr><center>nginx/1.10.1</center>..</b
21:53:54.782756 http.c:546              <= Recv data: ody>..</html>..
21:53:54.782778 http.c:558              == Info: Curl_http_done: called premature == 0
21:53:54.782848 http.c:558              == Info: Connection #0 to host localhost left intact
21:53:59.617614 http.c:558              == Info: Couldn't find host localhost in the .netrc file; using defaults
21:53:59.617755 http.c:558              == Info: Found bundle for host localhost: 0x136d680 [can pipeline]
21:53:59.617806 http.c:558              == Info: Hostname localhost was found in DNS cache
21:53:59.617870 http.c:558              == Info:   Trying ::1...
21:53:59.617894 http.c:558              == Info: TCP_NODELAY set
21:53:59.618064 http.c:558              == Info: connect to ::1 port 80 failed: Connection refused
21:53:59.618102 http.c:558              == Info:   Trying 127.0.0.1...
21:53:59.618122 http.c:558              == Info: TCP_NODELAY set
21:53:59.618332 http.c:558              == Info: Connected to localhost (127.0.0.1) port 80 (#1)
21:53:59.618453 http.c:505              => Send header, 0000000187 bytes (0x000000bb)
21:53:59.618559 http.c:517              => Send header: GET /git/rc/info/refs?service=git-receive-pack HTTP/1.1
21:53:59.618575 http.c:517              => Send header: Host: localhost
21:53:59.618591 http.c:517              => Send header: User-Agent: git/2.10.0
21:53:59.618607 http.c:517              => Send header: Accept: */*
21:53:59.618621 http.c:517              => Send header: Accept-Encoding: gzip
21:53:59.618637 http.c:517              => Send header: Accept-Language: en-GB, *;q=0.9
21:53:59.618652 http.c:517              => Send header: Pragma: no-cache
21:53:59.618667 http.c:517              => Send header:
21:53:59.618731 http.c:505              <= Recv header, 0000000027 bytes (0x0000001b)
21:53:59.618750 http.c:517              <= Recv header: HTTP/1.1 401 Unauthorized
21:53:59.618772 http.c:505              <= Recv header, 0000000022 bytes (0x00000016)
21:53:59.618788 http.c:517              <= Recv header: Server: nginx/1.10.1
21:53:59.618807 http.c:505              <= Recv header, 0000000037 bytes (0x00000025)
21:53:59.618822 http.c:517              <= Recv header: Date: Sun, 16 Oct 2016 20:53:59 GMT
21:53:59.618841 http.c:505              <= Recv header, 0000000025 bytes (0x00000019)
21:53:59.618857 http.c:517              <= Recv header: Content-Type: text/html
21:53:59.618876 http.c:505              <= Recv header, 0000000021 bytes (0x00000015)
21:53:59.618892 http.c:517              <= Recv header: Content-Length: 195
21:53:59.618912 http.c:505              <= Recv header, 0000000024 bytes (0x00000018)
21:53:59.618927 http.c:517              <= Recv header: Connection: keep-alive
21:53:59.618949 http.c:505              <= Recv header, 0000000044 bytes (0x0000002c)
21:53:59.618965 http.c:517              <= Recv header: WWW-Authenticate: Basic realm="Restricted"
21:53:59.618986 http.c:505              <= Recv header, 0000000002 bytes (0x00000002)
21:53:59.619001 http.c:517              <= Recv header:
21:53:59.619017 http.c:558              == Info: Ignoring the response-body
21:53:59.619037 http.c:531              <= Recv data, 0000000195 bytes (0x000000c3)
21:53:59.619052 http.c:546              <= Recv data: <html>..<head><title>401 Authorization Required</title></hea
21:53:59.619068 http.c:546              <= Recv data: d>..<body bgcolor="white">..<center><h1>401 Authorization Re
21:53:59.619083 http.c:546              <= Recv data: quired</h1></center>..<hr><center>nginx/1.10.1</center>..</b
21:53:59.619098 http.c:546              <= Recv data: ody>..</html>..
21:53:59.619127 http.c:558              == Info: Curl_http_done: called premature == 0
21:53:59.619150 http.c:558              == Info: Connection #1 to host localhost left intact
21:53:59.619178 http.c:558              == Info: Issue another request to this URL: 'http://localhost/git/rc/info/refs?service
=git-receive-pack'
21:53:59.619289 http.c:558              == Info: Couldn't find host localhost in the .netrc file; using defaults
21:53:59.619322 http.c:558              == Info: Found bundle for host localhost: 0x136d680 [can pipeline]
21:53:59.619351 http.c:558              == Info: Re-using existing connection! (#1) with host localhost
21:53:59.619387 http.c:558              == Info: Connected to localhost (127.0.0.1) port 80 (#1)
21:53:59.619426 http.c:558              == Info: Server auth using Basic with user 'grochmal'
21:53:59.619600 http.c:505              => Send header, 0000000226 bytes (0x000000e2)
21:53:59.619631 http.c:517              => Send header: GET /git/rc/info/refs?service=git-receive-pack HTTP/1.1
21:53:59.619646 http.c:517              => Send header: Host: localhost
21:53:59.619661 http.c:517              => Send header: Authorization: Basic <redacted>
21:53:59.619677 http.c:517              => Send header: User-Agent: git/2.10.0
21:53:59.619691 http.c:517              => Send header: Accept: */*
21:53:59.619706 http.c:517              => Send header: Accept-Encoding: gzip
21:53:59.619720 http.c:517              => Send header: Accept-Language: en-GB, *;q=0.9
21:53:59.619753 http.c:517              => Send header: Pragma: no-cache
21:53:59.619768 http.c:517              => Send header:
21:53:59.633633 http.c:505              <= Recv header, 0000000024 bytes (0x00000018)
21:53:59.633669 http.c:517              <= Recv header: HTTP/1.1 403 Forbidden
21:53:59.633683 http.c:505              <= Recv header, 0000000022 bytes (0x00000016)
21:53:59.633692 http.c:517              <= Recv header: Server: nginx/1.10.1
21:53:59.633702 http.c:505              <= Recv header, 0000000037 bytes (0x00000025)
21:53:59.633711 http.c:517              <= Recv header: Date: Sun, 16 Oct 2016 20:53:59 GMT
21:53:59.633722 http.c:505              <= Recv header, 0000000028 bytes (0x0000001c)
21:53:59.633730 http.c:517              <= Recv header: Transfer-Encoding: chunked
21:53:59.633740 http.c:505              <= Recv header, 0000000024 bytes (0x00000018)
21:53:59.633749 http.c:517              <= Recv header: Connection: keep-alive
21:53:59.633758 http.c:505              <= Recv header, 0000000040 bytes (0x00000028)
21:53:59.633767 http.c:517              <= Recv header: Expires: Fri, 01 Jan 1980 00:00:00 GMT
21:53:59.633776 http.c:505              <= Recv header, 0000000018 bytes (0x00000012)
21:53:59.633785 http.c:517              <= Recv header: Pragma: no-cache
21:53:59.633795 http.c:505              <= Recv header, 0000000053 bytes (0x00000035)
21:53:59.633803 http.c:517              <= Recv header: Cache-Control: no-cache, max-age=0, must-revalidate
21:53:59.633813 http.c:505              <= Recv header, 0000000040 bytes (0x00000028)
21:53:59.633822 http.c:517              <= Recv header: Expires: Fri, 01 Jan 1980 00:00:00 GMT
21:53:59.633831 http.c:505              <= Recv header, 0000000018 bytes (0x00000012)
21:53:59.633840 http.c:517              <= Recv header: Pragma: no-cache
21:53:59.633849 http.c:505              <= Recv header, 0000000053 bytes (0x00000035)
21:53:59.633858 http.c:517              <= Recv header: Cache-Control: no-cache, max-age=0, must-revalidate
21:53:59.633868 http.c:505              <= Recv header, 0000000002 bytes (0x00000002)
21:53:59.633858 http.c:517              <= Recv header: Cache-Control: no-cache, max-age=0, must-revalidate
21:53:59.633868 http.c:505              <= Recv header, 0000000002 bytes (0x00000002)
21:53:59.633876 http.c:517              <= Recv header:
21:53:59.633887 http.c:531              <= Recv data, 0000000005 bytes (0x00000005)
21:53:59.633895 http.c:546              <= Recv data: 0....
21:53:59.633923 http.c:558              == Info: Curl_http_done: called premature == 0
21:53:59.633940 http.c:558              == Info: Connection #1 to host localhost left intact
fatal: unable to access 'http://localhost/git/rc/': The requested URL returned error: 403

HTTP 403! Oh, bueno, no podría ser arsed para configurar un archivo htpaswd adecuado. Pero esto ya nos da suficiente información sobre lo que GIT hace en un impulso, las partes interesantes son:

GET /git/rc/info/refs?service=git-receive-pack HTTP/1.1
Host: localhost
User-Agent: git/2.10.0
Accept: */*
Accept-Encoding: gzip
Accept-Language: en-GB, *;q=0.9
Pragma: no-cache

GET /git/rc/info/refs?service=git-receive-pack HTTP/1.1
Host: localhost
User-Agent: git/2.10.0
Accept: */*
Accept-Encoding: gzip
Accept-Language: en-GB, *;q=0.9
Pragma: no-cache

Estos dos GET son los que activan la solicitud del usuario y la solicitud de contraseña, todo bien hasta ahora. Adelante:

GET /git/rc/info/refs?service=git-receive-pack HTTP/1.1
Host: localhost
Authorization: Basic <redacted>
User-Agent: git/2.10.0
Accept: */*
Accept-Encoding: gzip
Accept-Language: en-GB, *;q=0.9
Pragma: no-cache

¡Ay! Esa parte <redacted> (¡CURL lo redacta incluso en modo de seguimiento!) Es un encabezado de autenticación básica , y su contenido es equivalente a:

echo -n username:password | base64

En esencia, la contraseña se envía en (casi) texto claro. Eso se espera ya que GIT desea que el servidor realice la autenticación y un servidor HTTP realizará una autenticación HTTP simple.

Realmente es muy bueno que casi todos los repositorios disponibles a través de Internet usan HTTPS. No utilice un repositorio autenticado de HTTP a través de HTTP simple a través de Internet, cualquier cosa puede ser falsificada y su contraseña se compromete de inmediato.

Nota adicional

Pero espere, ¿dónde demonios terminaron esas opciones de configuración user.name y user.email ? Respuesta: en el registro:

$ git log
commit 4aa5546090030c4d9196b6a4a2547b77a8c5a394
Author: grochmal <[email protected]>
Date:   Sun Oct 16 21:52:22 2016 +0100

    yay

commit af75078c1b6bb5ff630e0acf2f9e94d934a025aa
Author: grochmal <[email protected]>
Date:   Mon Oct 27 00:39:41 2014 +0000

    some simple configs plus dummy email configuration

commit 421b7dce992a67940422e5a0612f0d2d253d1a55
Author: Michal Grochmal <[email protected]>
Date:   Sun Feb 17 01:01:12 2013 +0000

    remove stuff

commit 3e2d568bb260d12a31b76141c782a655e44eef64
Author: Michal Grochmal <[email protected]>
Date:   Fri Feb 15 22:36:30 2013 +0000

    create depot

Estos vienen de los archivos en .git/logs combinados con los archivos en .git/objects , y contienen todo lo que se configuró como el correo electrónico y el nombre de usuario en ese momento. Este es un antiguo repositorio, más antiguo que GIT 2, que comenzó a fruncir el ceño al confirmar sin los dos parámetros. Durante ese tiempo, el nombre de usuario se tomó como nombre de usuario del sistema y el correo electrónico como host.

Y como los archivos de registro están en cada clon (o sincronización) de un repositorio, estos archivos son en realidad los vectores de divulgación de información más grandes. Un archivo puede buscar, por ejemplo, como ( .git/objects/42/1b7dce992a67940422e5a0612f0d2d253d1a55 ):

$ git cat-file -p 421b7dce992a67940422e5a0612f0d2d253d1a55
tree 222cb8fbbddc6d6d79d9ec6a83bd95228994a46c
parent 3e2d568bb260d12a31b76141c782a655e44eef64
author Michal Grochmal <[email protected]> 1361062872 +0000
committer Michal Grochmal <[email protected]> 1361062872 +0000

remove stuff

Lo que revela el nombre de usuario y el nombre de host del sistema, porque no configuré user.name o user.email antes de commit + push.

Las nuevas versiones de GIT (especialmente todas las versiones 2.x) resuelven la divulgación al renunciar a confirmaciones que no tienen un repositorio configurado correctamente. Sin embargo, todavía hay sistemas que utilizan antiguos binarios de GIT.