On Mon, Jan 12, 2009 at 12:13:44PM +0100, Jakub Narebski wrote: > Alex Riesen wrote: > > 2009/1/12 Jakub Narebski <jnareb@xxxxxxxxx>: > > > > Do you have any suggestions to bypass this block for git? I have access > > > to Linux shell account (no root access, though) which doesn't have > > > problems with repo.or.cz, so I think I could set up SSH tunnel: but > > > how? And what to do with access via git:// - move to SSH too? > > > > See man ssh, look for -L. It works for arbitrary ports, so you can redirect > > git:// port to anywhere. Same for push over ssh, just give another port when > > connecting. > > Currently I have the folowing in my ~/.ssh/config: > > # TP S.A. blocks repo.or.cz > Host repo.or.cz > NoHostAuthenticationForLocalhost yes > HostName localhost > Port 2222 > > and I can simply use "git push repo" without any changes. > But I have to run > > $ ssh -f -N -L 2222:repo.or.cz:22 jnareb@xxxxxxxxxxxxxxxx > > first. Is there any way to automate this? For those cases I use the attached script. Read the first lines, with information on how to install. The end result is that I can do: ssh host1--host2--host3 Or scp, rsync, etc. Regards, Luciano Rocha -- Luciano Rocha <luciano@xxxxxxxxxxx> Eurotux Informática, S.A. <http://www.eurotux.com/>
#!/bin/bash ## SSH connection chaining ## ## (C) 2007, Luciano Rocha <strange@xxxxxx> ## ## This program is free software; you can redistribute it and/or ## modify it under the terms of the GNU General Public License ## as published by the Free Software Foundation; either version 2 ## of the License, or (at your option) any later version. ## ## This program is distributed in the hope that it will be useful, ## but WITHOUT ANY WARRANTY; without even the implied warranty of ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ## GNU General Public License for more details. ## ## You should have received a copy of the GNU General Public License ## along with this program; if not, write to the Free Software ## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, ## MA 02110-1301, USA. ## ## Or check the webpage: http://www.gnu.org/licenses/old-licenses/gpl-2.0.html ## ## Documentation: ## ## Include in your .ssh/config: ## host *--* ## proxycommand ssh_p %h %p ## ## And then you can do: ## ssh hosta--hostb--hostc ## scp hosta--hostb--hostc:file . ## ## A user specification is also possible, but not for the last host, for ## that one, you'll have to use ssh's standard user specification (user@host ## or -luser): ## ssh usera_hosta--userb_hostb--hostc -luserc ## scp userc@usera_hosta--userb_hostb--hostc:file . ## ## Compression is disable on all proxy sshs, as traffic is already encrypted. ## Activate compression in the master ssh command, if desired. ## ## Environment variable SSH_CONFIG_FILE can point to a ssh configuration ## file for use in the proxy sshs. ## missing hops h="${1%--*}" ## nc target rh="${1##*--}" p="${2:-22}" ## user for next hop u= n="${h##*--}" if [ -z "${n##*_*}" ]; then u=${n%%_*} if [ "$h" != "$n" ]; then h="${h%--*}--${n##*_}" else h="${n##*_}" fi fi echo "${SSH_INDENT}+ connecting to $h for $rh" >&2 exec env SSH_INDENT="${SSH_INDENT} " ssh -o "Compression no" \ ${SSH_CONFIG_FILE:+-F$SSH_CONFIG_FILE} \ ${u:+$u@}$h \ "echo \"${SSH_INDENT}- connected to $h, forwarding to $rh:$p\" >&2 ; nc -w 3600 $rh $p"
Attachment:
pgp1f0j8nJOt2.pgp
Description: PGP signature