Article version: Enterprise Server 2.17
Allowing admins to enable anonymous Git read access to public repositories
To simplify how custom tools work on your instance and bypass authentication requirements, you can allow repository administrators to enable anonymous Git read access to public repositories on your GitHub Enterprise Server instance.
Note: If you enable anonymous Git read access, you're responsible for all access and use of this feature. GitHub will not be responsible for any unintended access or misuse of the feature. Also, you may not use this feature to violate your license from GitHub, including the limit on the number of user licenses you've ordered from us.
If private mode is enabled, you can allow repository administrators to enable anonymous Git read access to public repositories on your GitHub Enterprise Server instance. For more information about private mode, see "Enabling private mode."
Allowing anonymous Git read access enables you to bypass authentication for custom tools on your instance. When you or a repository administrator enable this access setting for a repository, unauthenticated Git operations (and anyone with network access to GitHub Enterprise Server) will have read access to the repository without authentication.
You can also prevent repository administrators from changing anonymous Git access settings for all repositories or a specific repository on your GitHub Enterprise Server instance. For more information, see "Preventing users from changing anonymous Git read access."
To see the repositories with anonymous Git read access enabled, filter the repositories list in the site admin dashboard.
Notes:
- You cannot change the Git read access settings for forked repositories since they inherit their access settings from the root repository by default.
- If a public repository becomes private, then anonymous Git read access will automatically be disabled for that repository and it forks.
- If a repository with anonymous authentication contains Git LFS assets, it will fail to download the Git LFS assets since they still require authentication. We strongly recommend not enabling anonymous Git read access for a repository with Git LFS assets.
- In the upper-right corner of any page, click .
- In the left sidebar, click Enterprise.
- In the enterprise account sidebar, click Settings.
- Under " Settings", click Options.
- Under "Anonymous Git read access", use the drop-down menu, and click Enabled.
- Optionally, to prevent repository admins from changing anonymous Git read access settings in all repositories on your instance, select Prevent repository admins from changing anonymous Git read access.
Enabling anonymous Git read access for a specific repository
Notes:
- You cannot change the Git read access settings for forked repositories since they inherit their access settings from the root repository by default.
- If a public repository becomes private, then anonymous Git read access will automatically be disabled for that repository and it forks.
- If a repository with anonymous authentication contains Git LFS assets, it will fail to download the Git LFS assets since they still require authentication. We strongly recommend not enabling anonymous Git read access for a repository with Git LFS assets.
- In the upper-right corner of any page, click .
- In the search field, type the name of the repository and click Search.
- In the search results, click the name of the repository.
- In the upper-right corner of the page, click Admin.
- In the left sidebar, click Admin.
- Under "Danger Zone", next to "Enable Anonymous Git read access", click Enable.
- Review the changes. To confirm, click Yes, enable anonymous Git read access.
- Optionally, to prevent repository admins from changing this setting for this repository, select Prevent repository admins from changing anonymous Git read access.
