I have setup an ssh connection on computer B and I am connecting to it properly via ssh. I want to execute a git pull command so that it would pull the repo to computer A instead of B. Is that too much of a hassle or maybe is there an alternative?
I basically need to copy whatever git pull pulled on computer B to my computer A. The only thing I have is just an ssh connection between the two and the repo is only reachable from computer B.
If I understand correctly, you want to use Git over an SSH tunnel so that computer A can access the repository REPO.git on computer C via computer B
On computer A, open the SSH tunnel:
ssh -L3333:compC:22 compB
From a second console on computer A:
git clone ssh://git#localhost:3333/REPO.git
It's possible to run git commands over double ssh tunnel. The accepted answer there is a bit outdated, ssh currently can construct a tunnel without external commands like netcat or socat.
Configure in your ~/.ssh/config:
Host server
HostName git-server
ProxyCommand ssh -W %h:%p B
This configures ssh to start a connection to the host B and opens a
tunnel over that connection to the host git-server. Run
git pull ssh://server/path/to/repository
Another possible solution is to use ext:: remote helper. See the second answer at the linked question. Run
git pull "ext::ssh -t B ssh git-server %S '/path/to/repository'"
I'm not sure it will answer your question, but if it's only for pulling, you can use the scp command after pulling on B:
scp <source> <destination>
It will copy as the cp command but through your ssh connection.
An other solution,(and the most straightforward solution in my opinion) is to just :
Connect to the remote machine via SSH
Push the remote changes to a git branch
Pull the changes from the remote branch from your local machine
Related
Issue
I am trying to use git in /opt/jamf2snipe directory on an EC2 Instance. I have tried the following command:
sudo git clone git#github.com:MYUSERNAME/jamf2snipe-school.git
It says connection timed out:
Cloning into 'jamf2snipe-school'...
ssh: connect to host github.com port 22: Connection timed out
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
If I try to run this in my home directory it works fine. It seems to be a permission issue with /opt. I am wary of changing permissions for /opt.
Setup
I am trying to do this on an Amazon EC2 Instance. Currently SSH is limited to certain IP addresses (not including Github). I followed this article from github to use SSH over HTTPS. I tested to make sure I had stuff setup correctly by using:
$ ssh -T git#github.com
received
Hi USERNAME! You've successfully authenticated, but GitHub does not provide shell access.
I did this in /opt/jamf2snipe and the home directory successfully.
First, make sure to, if possible, not use sudo.
In addition of executing commands as root (which is dangerous), it uses its own environment variable, and SSH settings (in /root/.ssh), which differs from your normal EC2 user.
Conversely, making a repository in /opt, which might be accessible only by root, is not the best spot to clone a repository.
Second, Using SSH over the HTTPS port is the usual solution (like this one from 2018) on EC2, where the firewall can block by default SSH egress traffic.
The setup is as follows:
remote private server far far away
remote private server has private gitlab instance on port XXXX
remote private server is configured to allow SSH sign-on via SSH key
gitlab instance on port XXXX of remote private server requires SSH key authentication using different SSH key
How can I clone that repository onto my local machine, and push/pull data remotely given that setup?
This is how I access it locally when I am not far, far away from remote private server:
git clone git#XXX.XXX.XX.X:REPODIR/repo_name.git
In this case, XXX.XXX.XX.X is the IP of the local git-lab instance on the remote network.
Is there anyway to tunnel into the remote network and access the gitlab instance by proxy (forgive me for using the word wrong likely).
Thank you.
Ok, mostly thanks to #o11c for this, although here are my findings that led me to be able to clone my repo remotely.
Disclaimer: ProxyJump (-J see ssh manpage) is the shorthand, more modern, version of this but I couldn't get it working -- if anyone wants to update with their implementation of ProxyJump that would be useful!
SSH into your remote account to the main server with port to your gitlab or other application instance, using your main identity (this can be in ~/.ssh or you can manually reference it with -i)
ssh -ND 3131 nkunes#XXX.XXX.1.146 -i ../../keys/XXX-ssh &
I then source this bash script in the shell I intend to run git commands (notice the ProxyCommand usage instead of ProxyJump, this is the old method of doing this yet it works well for me. also notice the 127.0.0.1:PORT should be swapped with your application's port)
alias ssh="ssh -o ProxyCommand='/usr/bin/nc -X 4 -x 127.0.0.1:3131 %h %p'"
export GIT_SSH=~/Desktop/XXX-eng/ssh-access/ssh-proxy.sh
export PRE_SSH_ALIAS_PROMPT="$PS1"
export PS1="<< SSH ALIAS >>$PS1"
Where ssh-proxy.sh is defined as follows: (again, swap the port out for your application, and possibly use ProxyJump if want modern implementation)
ssh -o ProxyCommand='/usr/bin/nc -X 4 -x 127.0.0.1:3131 %h %p' "$#"
Then, you can clone normally using:
git clone git#XXX.XXX.XX.X:REPODIR/repo_name.git
How do I transfer a file from my local machine to a remote host to which I need to get through a jump host? These are the steps I follow to connect to the remote host
1. ssh myname#jump-host
2. enter password
3. sudo su - another-random-name
4. ssh name#remote-host
Now I want to transfer a file from my local machine to the remote-host. How would I achieve this? I have already tried scp -oProxyCommand but I don't quite know where I should include step 3 as part of this command?
Use port forwarding to get third host ssh port on your localhost, in this way:
ssh -L 2222:remote-host:22 myname#jump-host
then (on another tab/shell on first host):
scp -P 2222 file myname#localhost:
will copy directly to remote host.
On the jump host under another-random-name run
ssh -L 2222:remote-host:22 myname#jump-host
then on your local computer you can run
scp -P 2222 file name#jump-host:
SCP will try to connect to jump-host, while in fact this connection will be forwarded to jump-host. And will use name as it is connecting to remote-host.
You are probably still facing problem with certificate for another-random-user. You can either create certificate on your machine for your-local-user and put public key on remote-host in user allowed keys.
I'm trying to push my project on git to my remote Linux server from my local Windows PC.
I have no issues connecting to my server through SSH when I use PuTTY. But PuTTY is only for the remote server, and doesn't let me look in my own local pc - so I can't access my git repository to push from.
Instead I've been trying with Git Bash, where I go to the repository(master) of my git project, and then attempt "git push production master". Receiving "Permission denied (publickey)" in response in Git Bash.
I have loaded by private key from my user/.ssh folder on local pc, using PuTTYgen, copy/pasted the public key it shows into my Github account's SSH-keys.
This is the same key that I use for connecting with PuTTY(which works).
If I use "git remote -v" in Git Bash, I receive what is the correct url for the server:
"
production ssh://notacop#mafiauniversedata.com/var/repo/site.git (fetch)
production ssh://notacop#mafiauniversedata.com/var/repo/site.git (push)
"
"notacop" is the admin user I made instead of root, which is also the one that I use in PuTTY.
If I attempt "ssh notacop#mafiauniversedata.com" in Git Bash I also receive the "Permission denied (publickey)" response. So seemingly the issue is related to the publickey that Git Bash uses, as it can't connect at all.
My user/.ssh folder contains:
digitalocean_private_key (is the one PuTTY uses/the one generated by PuTTYgen) + digitalocean_public_key
github_rsa + github_rsa.pub
id_rsa + id_rsa.pub
known_hosts
I feel like I've set things up in accordance with the general guidelines, and it does work in PuTTY, so the issue must be related to Git Bash and how Git Bash establishes ssh connection.
But I'm fairly clueless about how to fix the issue, and haven't been able to find a solution from searching. My guess is that it's something fairly simple, but I've been stuck on this for a couple weeks now, not getting anywhere because of it.
Any answers that can lead me in the right direction will be highly appreciated!
If anything about my question is unclear, or you need more information to answer, please let me know.
I don't know why Git Bash's own ssh doesn't seem to work for you,
but I have a better recommendation: make Git Bash use PuTTY, by setting the GIT_SSH environment variable to the path of plink.exe (that's not a typo, it's not putty.exe, but another executable that comes with the zip of PuTTY tools).
The main advantage and reason to do this is so that Git Bash can benefit from pagent.exe, the key manager of PuTTY.
So that you can enter your passphrase once,
when adding your private key to Pagent,
and then you don't need to re-enter it every time you perform remote operations in Git Bash.
I have several remote machines that need to pull from a repo after I've completed testing and ready to make updates to production (python Flask app and supporting classes). A couple of the machines need to pull from a different branch, as well. I've been SSHing to each machine to run the git pull, but this is getting annoying and time consuming.
I'm trying to run an ssh command that completes a git pull. This is what I've tried:
ssh dev#<remote IP> "cd /home/dev/<repo> && git pull"
And I'm getting a
Permission denied (publickey).
fatal: Could not read from remote repository.
I'm able to run other git commands just fine that don't interact with remote origin. Such as:
ssh dev#<remote IP> "cd /home/dev/<repo> && git remote -v"
When I actually ssh on to the remote machine. I have no problem navigating to the directory and running a git pull.
I also made sure that I added the ssh key to an ssh-agent so that password prompts on the key wouldn't be an issue.
Thought it could potentially be a key permissions issue, so I double checked that the key is readable by the user I'm running the command as.
It's frustrating that I am able to ssh on to the remote machine and run the pull just fine, but cannot run the command with the format above.
Thanks a ton for any help!
Use the -A option.
ssh -A dev#<remote IP> "cd /home/dev/<repo> && git pull"
I ran across the option in a comment here when trying to find the answer to this problem: https://serverfault.com/questions/762983/ssh-and-git-pull-from-remote-server
From https://linux.die.net/man/1/ssh:
If the ForwardAgent variable is set to ''yes'' (or see the description of the -A and -a options above) and the user is using an authentication agent, the connection to the agent is automatically forwarded to the remote side.
From what I understood with your issue, here is my suggestion :
[ Information is somewhat incomplete though ]
GIT reads your id_rsa.pub in root user directory : /home/root/.ssh/id_rsa.pub
That's why your key in /home/your_username/.ssh/id_rsa.pub might not be read by git.
Hence, please check and create the key in /home/root/.ssh/
$ sudo su
$ ssh-keygen
$ cd ~/.ssh
$ cat id_rsa.pub
Hope it helps.