Can not clone repo using Stash over SSH behind a proxy

Hello,

I have set up the Stash and created my test repo. The SSH is enabled but I changed the default ssh port to 29004. The host is my local computer but exposed to the outside world. I enabled port forwarding from outside to the stash on my router.

Now, I'm trying to clone that repo, sitting in different location (different network, different computer), being behind the http proxy. I created private/public key (stored in ../user directocy/.ssh), added public key to stash user profile. I set up git on windows machine and tried to clone repo with http copied from stash repo page - it failed. Than I found how to configure proxy in git, so I executed git config --global http.proxy with user:passwd@proxy_address. Retried cloning with http protocol and it worked (asked my for a password of stash user).

Then I wanted to performed the same operation using SSH protocol. I assumed that the proxy configuration is valid, the private key is located in a proper place and the public key is uploaded to stash. So I executed git clone ssh://git@stash_address:29004/repo_path and received:

Cloning into 'test-repo'...
ssh: connect to host xxxxx port 29004: Bad file number
fatal: The remote end hung up unexpectedly

I'm looking for the solution with git configs and suggestions, but right now I'm quite clueless. Any suggestions? Is this possible to be stash problem?

2 answers

1 accepted

1 vote
Jason Hinch Atlassian Team Jul 18, 2012

The proxy settings you have configured for git are only used when you are using a HTTP transport protocol. They are not relevant for SSH and aren't used. My guess is that the proxy server which is sitting between you and Stash is blocking access to the port SSH is available on (for you 29004) and that's why you are able to connect via HTTP and not SSH.

In this specific situation I would suggest using HTTP. many proxy configurations are designed to only allow HTTP and HTTPS.

I did not realised that http proxy settings might now be relevent for ssh protocol. Here is why - I opened ssh access to the host machine on a default port and using Putty I can connect and log in. To achieve this I had to set up http proxy in Putty with the same settings which I tried to use in git.

Those proxy settings in Putty are necessary to log in. Without them I get timeouts. I thought it should be similar in git. Maybe I'm not aware what is the difference between git ssh and putty ssh.

Ok based on your and Seb's comment I guess I shouldn't waste your time anymore.

Thanks!

1 vote
Seb Ruiz Atlassian Team Jul 17, 2012

My initial thoughts is that this is unlikely to be a problem with Stash, and rather your configuration has gone wrong somewhere.

One alarm bell is that you have mentioned configuring a proxy, however you haven't mentioned any details of where the proxy lives or how it is configured. You are also specifying that you are connecting straight to the stash server when cloning, and not the proxied address.

Also unclear, was the public keypair that you generated done on Windows or on the Stash instance. It needs to be done on the instance where you are cloning (ie the Windows box)

Some things you can do to try and narrow down the problem:

  • Check if you can clone locally on your machine using ssh
  • Is port 29004 available on your stash server if you nmap from the outside?

Some resources that may help:

  • ssh key pair was generated on windows machine on which I'm trying to clone the repo
  • I tried to generate keys with rsa as well as with dsa
  • a proxy I'm sitting behind is http proxy
  • as stated in my first question, I manage to clone the repo using http://... URL given by stash (with stash http port), failed only with ssh://... (with stash ssh port)

---

Check if you can clone locally on your machine using ssh

Yes, I can. I cloned the repo on my local computer (which is a host of git repository) using SSH

Is port 29004 available on your stash server if you nmap from the outside

to by honest, I failed to check this, I will try later on. I checked with nmap as shown in the posted link, but I only checked it on the local machine and the IP address could be treated as localhost as well, so it isn't trustworthy.

---

I guess, by performing just those few tests is seems this is indeed not stash problem.

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Jodi LeBlanc
Posted Thursday in Off-topic

Friday Fun: How do you recharge your batteries after a busy week?

Happy Friday – Fun Day! I don’t know about you, but I have been giving everything I’ve got this week (and most weeks) and come Friday I look for unique ways to recharge my batteries - rest, relax, a...

559 views 26 4
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you