Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Git, SSH and ProxyCommand

Tags:

git

ssh

proxy

I have a git server that is behind a firewall. I can access the firewall from my home, but not the git server. However, I can access the git server from the firewall (that is, I can SSH to the firewall and then SSH from the firewall to the git server). I am looking to push and pull to the git repos from my home machine, and I thought the SSH ProxyCommand would do it. So I added the following to my SSH config file:

Host git_server
 HostName git_server.dom
 User user_git_server
 IdentityFile ~/.ssh/id_rsa
 ProxyCommand ssh firewall exec nc %h %p

Host firewall
 HostName firewall.dom
 User user_firewall
 IdentityFile ~/.ssh/id_rsa

With this setup, I can directly SSH to the git server by doing ssh git_server. However, git commands that need to talk to the server do not work. git remote show origin fails with the message:

ssh: connect to host git_server.dom port 22: Operation timed out
fatal: Could not read from remote repository.

Please make sure you have the correct access rights and the repository exists.

The url of the origin repo is 

ssh://user_git_server@git_server.dom/path/to/bare/repository/repo.git

I think I have most of the things in place, but am missing a small crucial piece. Any pointers to what I could be doing wrong?

like image 756
Varun Vats Avatar asked Jun 15 '13 00:06

Varun Vats

2 Answers

ssh://user_git_server@git_server.dom/path/to/bare/repository/repo.git
                      ^^^^^^^^^^^^^^

You are using the wrong URL for your repository. Since your ssh config file has a host entry for git_server you need to use that host name in your repository URL as well, otherwise SSH will not use a ProxyCommand.

The correct URL should be either

ssh://user_git_server@git_server/path/to/bare/repository/repo.git

or simply

user_git_server@git_server:/path/to/bare/repository/repo.git
like image 133
innaM Avatar answered Sep 30 '22 14:09

innaM

It is possible, as mentioned in "Git clone from remote ssh repository - change the machine on the remote network before executing the clone command", that you don't have the command netcat on the proxy server.

You have also another solution with socat, which will negotiate with the HTTP(S) proxy server using the CONNECT method to get you a clean pipe to the server on the far side. See socat.

host gh
    user git
    hostname github.com
    port 22
    proxycommand socat - PROXY:your.proxy.ip:%h:%p,proxyport=3128,proxyauth=user:pwd

Now you can just say (for example):

git clone gh:sitaramc/git-notes.git
like image 35
VonC Avatar answered Sep 30 '22 14:09

VonC
Sign in to Comment

Related questions

jupyter notebook and github.
Why doesn't `git merge <branch> --squash` make a commit?
Undo changes is not working, either on Visual Studio or SourceTree
COPY only Git tracked files in Dockerfile
SSH Bitbucket Clone in Visual Studio 2019 not working
Moving submodules with Git [duplicate]
git commit directory
Git failing to ignore .DS_Store defined in global ignore
Why Mercurial doesn't need "recursive merge strategy"?
WinMerge via git difftool keeps prompting for second file
Resolving conflict in git
Using Git to distribute nightly builds to a studio
Use Xcode 4 as Git difftool
GitHub: How to add Gist to repository?
error: Untracked working tree file
How to find previous merge commit
still being prompted for credentials after installing credential-osxkeychain
Setting up Git to fetch all remote branches
Why am I missing git2.h and how do I get it back?
Feature backporting in Git / Subversion

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!