jax 2 Dec 2014 in 23:21

Brief instructions: GitHub via I2P

1 min

35K

Inspired by the publication «Github is blocked again».

The news about Github being blocked made us think about making crutches.

For some reason, the thought of I2P immediately came to mind.

And it really turned out to be easy.

So, step by step:

1. Download I2P and install;
2. After launch, go to the I2P network settings: 127.0.0.1:7657/confignet;
3. In the “UDP Configuration” section we find the UDP port number and redirect it in the router;
4. Go to the I2P tunnel manager: 127.0.0.1:7657/i2ptunnelmgr;
5. We check: there must be I2P HTTP Proxy (127.0.0.1:4444) and I2P HTTPS Proxy tunnels (127.0.0.1:4445);
6. In one of the browsers, for example in Mozilla, we specify the proxy settings: HTTP proxy - 127.0.0.1:4444 and SSL proxy - 127.0.0.1:4445 (Mozilla is convenient because you can specify proxy settings in it that are different from the system ones). This way we get access to the Github web interface;
7. Go to the Git console and run the following commands:

git config --global http.proxy 127.0.0.1:4445
git config --global https.proxy 127.0.0.1:4445

Ready. Now you can commit and push.

Works both through the console and through Tortoise Git.

The only thing is it's quite slow.

Tags:

Hubs:

+52

+42

Evgeniy Tabatsky @jax

Programmer

Comments 42

x88 3 Dec 2014 in 00:28

It’s not better to quickly set up a VPS (they start from $5 per month on average) or set up a proxy or tunnel on your existing one in order to at least protect yourself a little from traffic interception?

jax 3 Dec 2014 in 00:40

Do you mean intercepting traffic at the end node??
Github has https.

I set up Mozilla specifically for Github, for other sites I use Chrome, without i2p.

ChiefPilot 3 Dec 2014 in 03:31

Has anyone tried Opera Turbo? Otherwise it works for me - I can’t check it… :(

x88 3 Dec 2014 in 03:42

Opera turbo, as far as I know, cannot be attached to git or IDE.
Github is still not available from our provider, we work through Squid on a VPS (to configure which we had to write just a couple of lines in the config)

Guria 3 Dec 2014 in 03:47

proxy switcher sharp will allow you to configure a proxy in chrome using wildcard *.github.com

jax 3 Dec 2014 in 17:00

I tried it, but it didn't work for me.

GlobeTrotter 3 Dec 2014 in 05:46

If you set up a proxy or tunnel on a VPS, you will only help yourself and the VPS resources will be mostly idle. If you raise I2P on the same VPS and forward ports from there to the local computer

ssh -f -N -L 7657:127.0.0.1:7657 user@xxx.xxx.xxx.xxx
ssh -f -N -L 4444:127.0.0.1:4444 user@xxx.xxx.xxx.xxx
ssh -f -N -L 4445:127.0.0.1:4445 user@xxx.xxx.xxx.xxx

then you will help the entire I2P network be more secure and stable, and at the same time you will not waste your money. At the same time, of course, from a security point of view, your node will not be fully protected, since hosting administrators also have physical access to the VPS, but on the other hand, you are not going to sell drugs.

x88 3 Dec 2014 in 00:34

*secure

slpdmn 3 Dec 2014 in 01:31

After launch, i2p gradually accelerates (over a day, for example), but it is still far from normal speeds, of course.

jax 3 Dec 2014 in 01:35

Well, in principle, uploading code to GitHub is fast enough. :)

grossws 3 Dec 2014 in 02:22

While some lucene_solr.git is being cloned (~450 MiB) and on a normal Internet you have time to drink coffee and smoke... And with i2p you can generally walk all day)

mrTyler 3 Dec 2014 in 01:35

For example, I can’t get a VPS up, I just don’t know how to do it and I don’t have time to do it - I need to work, so I found the fastest solution - SurfEasy. 5$, installation 5 minutes and you are back in the workflow.

-5

gusakovm 3 Dec 2014 in 01:42

2 fast and free solutions:
1. Free VPN promoted by tpb frootvpn.com
2. Set the default DNS server from Google 8.8.8.8

jax 3 Dec 2014 in 01:50

DNS server won't help.

I already have it registered, but providers ban me not by domain, but by IP address.

It happened last year - my website was located on free hosting, on which there were 30-40 domains per IP address. And then my site was banned “for the company”.

Guria 3 Dec 2014 in 03:49

Providers have different ban methods. some simply change the domain resolution on their DNS or, like Dom.ru, they spoof any DNS request to any DNS server.

starius 3 Dec 2014 in 02:57

vpngate.net is also free and does not require registration. Just go in, select a server and download the ready-made config for openvpn (or another VPN client). Includes many servers run by volunteers around the world. Many of their servers can also be connected via TCP, which allows you to connect from Tor in order to access sites that block direct connections from Tor.

And for Github direct access via Tor works Fine.

ValdikSS 3 Dec 2014 in 05:48

antizapret.prostovpn.org/
If configured using the VPN method, the DNS is also encrypted.
The only thing is that in Windows the connection can take up to 5 minutes, because... There are more than 3000 routes being installed, and for some reason they take a very long time. Well, or rather, I know why, because OpenVPN Control packets for some reason have a size limit of 100 bytes.

ValdikSS 3 Dec 2014 in 05:51

And also, if you don’t trust me, you can raise the same thing at your place
bitbucket.org/ValdikSS/antizapret/src

tree 3 Dec 2014 in 01:55

The next step of Roskomnadzor: block services where VPN can be installed (not all of them, of course, the most popular ones) and all suspicious traffic in general. It is quite possible that blocking traffic will be even more convenient. Well, liability for the use of such solutions should be introduced - from 5 to 10 years, why not? There was already a topic on Habré about such intentions. Decided to commit via i2p? Get a deadline.

You are fighting with the wrong methods, comrades, you need to look for solutions in the wrong place.

josser 3 Dec 2014 in 02:08

This is not the right place to write this comment.

dimakovalenko 3 Dec 2014 in 02:35

What's most interesting is that both are right!

volanddd 4 Dec 2014 in 15:26

I don’t have time to follow the news before 5-10 years have been introduced?

starius 3 Dec 2014 in 02:38

I wanted to write a detailed comment, but the material has accumulated for separate post.

AgentSIB 3 Dec 2014 in 04:11

I wanted to write it in detail via ssh (putty for Windows), but it turned out very briefly:

echo 127.0.0.1   github.com
ssh -f -N -L 443:github.com:443 remotevps-ip

AgentSIB 3 Dec 2014 in 04:17

Sorry, typo, correct version

echo 127.0.0.1   github.com >> /etc/hosts
ssh -f -N -L 443:github.com:443 remotevps-ip

AgentSIB 3 Dec 2014 in 04:22

Catch up

echo "Host github.com" >> ~/.ssh/config
echo "    Port 2222" >> ~/.ssh/config
ssh -f -N -L 2222:github.com:22 remotevps-ip

And work via ssh is also available

Shrike 3 Dec 2014 in 05:20

How to configure ssh/putty for Venda so that only github is accessed through the tunnel, and the rest is as usual?

AgentSIB 3 Dec 2014 in 05:43

Next, register in hosts github.com

Or you can immediately raise the socks proxy in the same way.

Setting up an ssh client depends on the git client you are using. If cygwin, then also edit the ~/.ssh/config file, if plink, then you need to create a connection called github.com and configure it to the port 2222.

AgentSIB 3 Dec 2014 in 05:47

SOCKS:

They say it works that way, I haven't tested it myself.

git config --global http.proxy socks5://localhost:9999

I think you can configure the browser yourself.

Shrike 3 Dec 2014 in 05:50

yes, that’s how it works (I once set up dropbear on my home router and went to it from work using socks5). But that’s how all the traffic goes. But I would like only the GitHub one. Or I didn't understand something?

AgentSIB 3 Dec 2014 in 05:53

If you are only interested in the git client, then you do not need to configure the browser; only git will work via proxy. If you need it in the browser, then there is such a wonderful thing as proxy.pac, where you can set the necessary rules. There are a lot of examples on the Internet.

Shrike 3 Dec 2014 in 06:14

Oh cool stuff, thanks!

demitsuri 3 Dec 2014 in 06:17

Here in in this case adding the domain to /etc/hosts helps.

amarao 3 Dec 2014 in 07:33

Tunneling via i2p? Monsieur knows a lot about perversions. If through tor the speed is tolerable, then i2p works with crazy lags.

original 3 Dec 2014 in 08:30

What output proxy will this work through??
IMHO it seems more expedient to raise the server tunnel to Github outside the Russian Federation and share the address.

original 3 Dec 2014 in 08:51

Here we raised the tunnel to Github.
Access by address
oolce3loyfdue65jajyo3dtwnaxvbf6w4w25imy7qa7jte7itgvq.b32.i2p

degs 3 Dec 2014 in 13:55

does not work

Not responding

original 3 Dec 2014 in 14:30

So you don’t need to go through the browser, but you need to build a client tunnel to this address, as suggested by the topicstarter and further according to the instructions.

jax 4 Dec 2014 in 15:33

It worked for me with outproxy, which was the default during installation.

xskif 5 Dec 2014 in 07:20

GitHub Unblocked Today

original 5 Dec 2014 in 08:51

Which does not cancel access via I2P in any way, since you cannot know what else “will come to mind for these bees».

xskif 5 Dec 2014 in 09:02

It's true. It seems to me that there is no point in simply writing an article about “GitHub being unblocked again.” So I wrote here.

Only full-fledged users can leave comments. Sign in, Please.