specifying port numbers for git protocol

Showing 1-2 of 2 messages
specifying port numbers for git protocol Tom Roche 3/28/12 2:48 PM

How to specify the port that git protocol uses? What I mean:

I'm working on a cluster which blocks port 22 outgoing, which causes
git operations using git protocol to hang. E.g., if I attempt to
`git push ...` from the cluster to a repository I own on github,
the process hangs if my `git config` has (e.g.)

remote.origin.url=git@github.com:me/project.git

but succeeds with

remote.github.url=https://me@github.com/me/project.git

With one caveat: the admins also refuse to install root certificates,
so I can only perform git operations to github using https protocol
by, e.g.,

env GIT_SSL_NO_VERIFY=true git ...

I'm trying to migrate my dev team to git, so I'd like to minimize
collective annoyance. One of the admins writes that

> port 22 (ssh) is blocked by the firewall, but you should be able to
> go out on port 443.

So I'm wondering, how to setup git users on the cluster so that
git protocol will use port=443 automagically? Should this be done
via git (e.g., using `git remote` or `git config`)? or via ssh
(e.g., using ~/.ssh/config), or some other way?

TIA, Tom Roche <Tom_...@pobox.com>

Re: [git-users] specifying port numbers for git protocol Konstantin Khomoutov 3/28/12 3:57 PM
On Wed, Mar 28, 2012 at 05:48:05PM -0400, Tom Roche wrote:

[...]


>> port 22 (ssh) is blocked by the firewall, but you should be able to
>> go out on port 443.
>
> So I'm wondering, how to setup git users on the cluster so that
> git protocol will use port=443 automagically? Should this be done
> via git (e.g., using `git remote` or `git config`)? or via ssh
> (e.g., using ~/.ssh/config), or some other way?
github.com serves HTTPS on port 443, so while there's no problem
with specifying port when accessing the server via SSH
(just set the URL like "ssh://user@github.com:443/path/to/repo";
see the git-fetch manual page for more info) there's no point
in doing so: the server does not speak SSH on that port.

So if you're really about using github for your "central server",
then either make all members of your team have that environment variable
set or find a way to make libcurl (which Git uses for HTTP[S] transfers)
not verify certs by tweaking some user's configuration file.

Another way would be to install an SSL tunnel on a box in what you
called "the cluster" which would listen on some port (say, 80) for plain
HTTP and tunnel that traffic to github.com:443.  I think that stunnel in
client mode of some reverse proxy (Apache with mod_proxy, probably nginx)
could do this.  You would then have your team communicate with that box
using plain HTTP and it would proxy the requests to the SSL-terminated
github server.