English 中文(简体)
Accessing a git repository via ssh behind a firewall
原标题:

I would like to access (clone/push/pull) a private (via ssh) git repository while behind a corporate firewall that only allows http proxy access. I have written a robust Java (daemon) program (based on the JSCh class library) that will allow me to leverage local and remote port forwarding and I am hoping to leverage this but my brain hurts when I try to envision how to set this up.

The git repo depot (to coin a phrase) is at foo.server.com/var/git so the natural inclination, ignoring the fireall, to set up a clone would be:

$ git clone ssh://foo.server.com/var/git/myrepo.git

but the firewall will block this command. I m inclined to try something like

$ git clone ssh://localhost:8022/var/git/myrepo.git

where localhost:8022 is forwarded to foo.server.com:22

So is this path worth pursuing? Is there any easier solution that is still secure? Are there pitfalls or gotchas I should be aware of?

最佳回答

Can you get a normal ssh (command-line) session going? If so, git should also work.

When using ssh, git should pick up your configuration options in .ssh/config. If that is not enough, you can point the environment variable GIT_SSH at a modified version of ssh (or shell script wrapper).

问题回答

Using socat and a .ssh/config like this:

Host=foo.server.com
ProxyCommand=socat - PROXY:your.proxy.ip:%h:%p,proxyport=3128,proxyauth=user:pwd

You should be able to ssh to foo.server.com and

git clone ssh://foo.server.com/var/git/myrepo.git

is expected to work.

This is my setup working under a Linux machine (localhost on port 18081 is a proxy).

cat ~/.ssh/config
Host  github.com
  User git
  ProxyCommand nc -x localhost:18081 -Xconnect %h %p

When you do git clone http://example.com/gitproject.git or git clone https://example.com/gitproject.git, you re using the HTTP/HTTPS protocol.

Git respects http_proxy and https_proxy envrionment variables, so you can simply execute the following command in a shell:

export http_proxy=socks5://localhost:1080 https_proxy=socks5://localhost:1080

After that, your git command under the same shell will use the proxy for HTTP/HTTPS connections.





相关问题
git confusion - cloning a repo is returning a past version

Im having some confusion with my git usage. I cloned a repo from one comp to the other, and the new clone is the state of the original that was active some time ago. So its cloning a past version. ...

Appropriate strategy for tagging and hotfixing with git

I was wondering if the strategy I m using for tagging and hotfixing tags (which then I use for deploying rails applications) with git is appropriate. For tagging I just tag a commit of the master ...

Tips on upgrading CVS to git/hg?

We still use CVS, I use git and hg for my personal use though I m still a novice at both, but I realize they re much more modern and better, faster, distributed, etc. It s just everyone is so ...

Using Git in a TFS shop

Using Git at home has spoiled me - I now find using TFS at work to be a bit of a drag and want to explore the possibility of using Git locally and syncing somehow with TFS. I figure there are a few ...

热门标签