hpcjgrac/SPMT
1
0
Fork 0
Code Issues Pull requests Releases Activity

Add git ssh protocol

Browse source
This commit is contained in:
Jose Gracia 2024-05-15 11:01:45 +02:00
parent 86aac1593e
commit b36a8ecd7e
1 changed files with 44 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
guides/Best_practise--Connecting_Hawk_to_the_world
View file

@ -89,8 +89,52 @@ hawk> python3 -m pip install /sw/general/x86_64/development/python/share/PySocks
## Using proxy with git
Git essentially supports two [protocols](https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols) for communication with remote repositories:
- HTTP protocol
- SSH protocol
Both protocols can routed through a SOCKS5 proxy.
Two protocols: https and ssh
Push works with https protocol as well, see below.
### git https protocol
### Git with ssh protocol
Requirements:
- set up a proxy with ssh as describe in [this section](#setting-up-a-proxy-with-ssh)
The other protocol for accessing remote git repositories uses ssh. Repository URLs for this protocol in general look like
```bash
[user@]server:[somepath/]project.git
```
On github.com for instance, it is
```bash
git@github.com:user/project.git
```
Repositories like these require to authenticate with an ssh public key. We recommend to create a dedicated key for access to the repository from Hawk, and to register (upload) it with the repository. The following will assume the public key file is name `repo_from_hawk.pub`.
When using the ssh protocol, git will start ssh to establish a connection from Hawk to the repository server (e.g. github) but fail. Instead, you need to tell ssh to routed the connection through your reverse tunnel, the one you have set up [above](#setting-up-a-proxy-with-ssh). The easiest is to add the following to your ssh configuration file (`.ssh/config`):
```bash
Host github.com
# replace XXXX below with port number of your reverse tunnel
ProxyCommand ncat %h %p --proxy localhost:XXXX --proxy-type=socks5
IdentityFile ~/.ssh/repo_from_hawk
PasswordAuthentication no
```
Replace the `XXXX` above with the port number of your reverse tunnel, i.e. `$MY_PROXY_PORT` in the instructions above. Please note, that the proxy command above works on Hawk, but may fail on other systems. In particular, there is various versions of the _netcat_ utility, all of which use different command line arguments.
Now all operations on remote git repositories should work as long as your reverse tunnel is up
```bash
git clone git@github.com:user/project.git
git fetch
git pull
git push
```
Again, we recommend to keep the reverse tunnel open as briefly as possible.