Using Git from behind an NTLM proxy

For some reason the Git that ships with Cygwin (v1.6.6.1) won’t do the right thing with NTLM proxies. It seems that Git uses cURL underneath and that cURL can correctly handle NTLM authentication if the options are set correctly.

However, the version of Git I have isn’t capable of passing this information through. In fact, some browsing of the issues that people have with this suggests that there is more than one part of Git that isn’t able to work correctly with NTLM. So even if you’re able to get past the initial connection you probably won’t be able to fetch any of the tree.

The solution, in full then, is to use ntlmaps to act as a proxy to the proxy. All you need to do is to download the latest version of the app from: ntlmaps. Change the config file to include your authentication and proxy details, start it up and then set the proxy to be your new local one:

git config --global http.proxy http://localhost:5865

I can confirm that it works just fine. Not only that you can use it for any app that requires NTLM authentication but does not provide full NTLM support.

4 replies on “Using Git from behind an NTLM proxy”

Have you tried using the ISA client. It helps when the software you are using is not ‘NTLM’ aware

Git supports NTLM proxy authentication from version 1.7.10 onwards, relevant commit is

1.7.10 release notes briefly mentioned it as:
* HTTP transport learned to authenticate with a proxy if needed.

I’ve successfully tested it with the proxy at my workplace which is NTLM and requires user/pass, just do the following:

git config –global http.proxy
git clone



The http.proxy setting you quote includes login and password. That’s not NTLM auth.

The curl build shipped with Git does indeed support NTLM/SSPI, but I could find nothing on how to tell Git to use.

Comments are closed.