Git through SSH port forwarding (SSH tunneling)

Scenario:

A.  you are on a firewalled network, from where you can’t access github (remote port:9418 is not allowed)

or

B. you want to access a securized git server from home, but your IP is not on the git server’s whitelist.

and, of course, you have ssh access on a server that can do this.

 

A. Make a ssh tunnel to the git server

Me –> ServerWithSSHAccess –> GitServer

The comand to use is:

ssh ServerWithSSHAccess -L 2000:GitServer:22 -N ,

where 2000 is the local port you will connect to, and 22 is the remote port used to connect to the git server (if the connection uses git:// instead of default ssh port, change this to 9418). Then, instead of:

git clone GitServer/my_repo,

you must use:

git clone localhost:2000/my_repo

 

B. Automatically use tunnel to connect to git server

Furthermore, if the repository is already cloned on your computer, or you want to use the same addresses, you can config your ssh client to automatically pick the tunneled connection when connecting to the git server. In ~/.ssh/config, add:

Host GitServer

HostName 127.0.0.1

Port 2000

so now you can access your git repo as you were directly connected to it:

git clone GitServer/my_repo

git pull
git push

etc

About these ads

4 Responses

  1. Awesome thanks. Was very useful today ;)

  2. I also needed to specify git+ssh: “git clone git+ssh://localhost:2000/my_repo“.
    Just saying in case someone else ends up here ;)

  3. I am attempting to administer MySQL from a desktop application (Navicat or CocoaMySQL on Mac OS X) through an SSH tunnel. I am new to SSH tunneling, but the way I understand the forwarding is – I need to make an SSH connection on port 8888, which will route any activity on my local port 3307 to my web server’s port 3306. I am using local port 3307 since I have MySQL running locally on port 3306 and port 8888 as this is the port my host has specified for SSH. So I issue the following command in my OS X Terminal: ssh -2 -f -c blowfish -N -C myusername@myhost.com -L 3307/127.0.0.1/3306 -p 8888 And then enter the following into Navicat: Host: 127.0.0.1 Port: 3307 Username: root Password: ****** When I attempt to connect I receive the following error in Terminal: channel 2: open failed: administratively prohibited: open failed And the following error in Navicat: Connection Fail Lost connection to MySQL server during query I’m not sure where the problem is. But any suggestions would be very much appreciated. Thank you.

  4. One may also try adding this to .ssh/config:

    Host githost
    Hostname 10.20.30.40
    User git
    ProxyCommand ssh -e none user@serverwithsshaccess exec nc -w 1800 %h %p

    and then:

    git clone githost:dir/repo.git

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: