Git、SSH 和 ProxyCommand
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17119058/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Git, SSH and ProxyCommand
提问by Varun Vats
I have a git server that is behind a firewall. I can access the firewall from my home, but not the git server. However, I can access the git server from the firewall (that is, I can SSH to the firewall and then SSH from the firewall to the git server). I am looking to push and pull to the git repos from my home machine, and I thought the SSH ProxyCommand would do it. So I added the following to my SSH config file:
我有一个位于防火墙后面的 git 服务器。我可以从家里访问防火墙,但不能访问 git 服务器。但是,我可以从防火墙访问git服务器(即可以SSH到防火墙,然后从防火墙SSH到git服务器)。我想从我的家用机器上推和拉到 git 存储库,我认为 SSH ProxyCommand 可以做到。所以我在我的 SSH 配置文件中添加了以下内容:
Host git_server
HostName git_server.dom
User user_git_server
IdentityFile ~/.ssh/id_rsa
ProxyCommand ssh firewall exec nc %h %p
Host firewall
HostName firewall.dom
User user_firewall
IdentityFile ~/.ssh/id_rsa
With this setup, I can directly SSH to the git server by doing ssh git_server. However, git commands that need to talk to the server do not work. git remote show originfails with the message:
通过这种设置,我可以通过执行ssh git_server. 但是,需要与服务器通信的 git 命令不起作用。git remote show origin失败并显示以下消息:
ssh: connect to host git_server.dom port 22: Operation timed out
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
The url of the origin repo is
源代码库的 url 是
ssh://user_git_server@git_server.dom/path/to/bare/repository/repo.git
I think I have most of the things in place, but am missing a small crucial piece. Any pointers to what I could be doing wrong?
我想我已经准备好了大部分东西,但缺少一个重要的小部分。关于我可能做错了什么的任何指示?
采纳答案by innaM
ssh://user_git_server@git_server.dom/path/to/bare/repository/repo.git
^^^^^^^^^^^^^^
You are using the wrong URL for your repository. Since your ssh config file has a host entry for git_serveryou need to use that host name in your repository URL as well, otherwise SSH will not use a ProxyCommand.
您为存储库使用了错误的 URL。由于您的 ssh 配置文件有一个主机条目,git_server您还需要在存储库 URL 中使用该主机名,否则 SSH 将不会使用 ProxyCommand。
The correct URL should be either
正确的 URL 应该是
ssh://user_git_server@git_server/path/to/bare/repository/repo.git
or simply
或者干脆
user_git_server@git_server:/path/to/bare/repository/repo.git
回答by VonC
It is possible, as mentioned in "Git clone from remote ssh repository - change the machine on the remote network before executing the clone command", that you don't have the command netcaton the proxy server.
正如“从远程 ssh 存储库进行 Git 克隆 - 在执行克隆命令之前更改远程网络上的机器”中所述,您可能netcat在代理服务器上没有该命令。
You have also another solution with socat, which will negotiate with the HTTP(S) proxy server using the CONNECT method to get you a clean pipe to the server on the far side. See socat.
您还有另一个使用 的解决方案socat,它将使用 CONNECT 方法与 HTTP(S) 代理服务器协商,为您提供通向远端服务器的干净管道。见socat。
host gh
user git
hostname github.com
port 22
proxycommand socat - PROXY:your.proxy.ip:%h:%p,proxyport=3128,proxyauth=user:pwd
Now you can just say (for example):
现在你可以说(例如):
git clone gh:sitaramc/git-notes.git
