Reputation: 27285
I have a setup where we are using a bastion/jump-host to access a remote server and I'm having issues doing my git clone.
In my git config i have the followings setup:
Host *.remotedomain.org
ProxyCommand ssh -l username jumphost nc %h 22`
LogLevel DEBUG1
LogLevel DEBUG1
So if I do ssh remoteDevel.remotedomain.org
it will route me via this proxy host and all is good.
#Log into remote machine via SSH
ssh remoteDevel
#Clone repo
git clone ssh://[email protected]:7999/mirror/disjockey.git
What I noticed is the SSH debug "stuff" prints out this line
Initialized empty Git repository in /home/USER/disjockey/.git/
debug1: Executing proxy command: exec /usr/bin/sss_ssh_knownhostsproxy -p 7999 stash.remotedomain.org
This looks like to me like its making a proxy into the Atlassian Stash server to pull down the git repo (good)
When I try the same command locally things go awry
git clone ssh://[email protected]:7999/mirror/disjockey.git
First I see it tries to go via the jumpiest
debug1: Executing proxy command: exec ssh -l USERNAME jumphost nc stash.remotedomain.org 22
....
#Lots of junk
....
debug1: Next authentication method: password
[email protected]'s password:
Well obviously it isn't working as I hoped. From what I can tell my proxy command is likely off as it looks like its trying to proxy into stash:22
when I run it locally and into stash:7999
when I run it remotely.
I tried to change my proxy command to:
ProxyCommand ssh -l username jumphost nc %h 7999
But that seems to never log in correctly. Not exactly sure what to do here but I'm assuming its probably something simple that I'm missing?
I found a way to make things work - but I'm confused as to how this actually helps things
First I create a Socks Proxy with : ssh -D 1080 machine.remotedomain.org
Then I edit my .ssh/config
#Host *.remotedomain.org
# ProxyCommand ssh -l username jumphost nc %h 22`
# LogLevel DEBUG1
Host stash.remotedomain.org
User git
ProxyCommand nc -x localhost:1080 %h %p
And then my git clone
will work, however, this is problematic because i had to comment out the lines i needed in the 1st place to create my socks tunnel.
Upvotes: 5
Views: 8706
Reputation: 27285
We got things working! Here was the .ssh/config
that did the trick.
Host remote connects to the machine gen1
on the remote network.
Connecting to: stash.remotedomain.org basically does a 2nd proxy on top of the remote one, and proxies into port 7999
which is what the git server (atlassian stash) is running.
Host remote
HostName gen1
ProxyCommand ssh -l username jumphost nc %h %p
Host stash.remotedomain.org
ProxyCommand ssh remote nc stash 7999
So when I do: git clone ssh://[email protected]:7999/mirror/disjockey.git
everything works!!
Upvotes: 10