Windows Firewall, Tinywall and GIT

Question

Just finally updated to Win7 from XP.
I am using Windows Firewall with added Tinywall (gives more control)

But when I use Git Bash, the firewall blocks all commands. If I disable the firewall then everything works OK

I cannot figure the proper exceptions to add to TinyWall whitelist.

I added the shell window as well as the git.exe for application exceptions but still no go. These exceptions program paths I added:

C:\Program Files (x86)\Git\git-cheetah\..\bin\sh.exe
C:\Program Files (x86)\Git\bin\git.exe

Example of error:

$ git pull
ssh: connect to host xxx.xxx.xxx port 22: Bad file number
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

score 13 · Accepted Answer · edited Mar 05 '17 at 07:14

13

To get TinyWall to work with git over SSH, you must white-list:

sh.exe
git.exe
ssh.exe

To work with git over HTTPS, you need only whitelist:

C:\Program Files (x86)\Git\libexec\git-core\git-remote-https.exe

or

C:\Program Files\Git\mingw64\libexec\git-core\git-remote-https.exe

edited Mar 05 '17 at 07:14

Li-aung Yip

12,320
5
34
49

answered Jun 03 '14 at 16:04

Karen

2,296
3
18
19

If you see the error described in the OP using Atlassian's SourceTree, whitelist `C:\Program Files (x86)\Atlassian\SourceTree\tools\putty\plink.exe` as well, that solved my issue. – Mahn Aug 29 '15 at 19:08

score 1 · Answer 2 · answered Apr 13 '19 at 12:57

1

On Windows 10 with TinyWall i had to add exception for:

C:\Program Files\Git\mingw64\libexec\git-core\git-credential-manager.exe

in addition to:

C:\Program Files\Git\bin\git.exe

C:\Program Files\Git\bin\sh.exe

C:\Program Files\Git\mingw64\libexec\git-core\git-remote-https.exe

answered Apr 13 '19 at 12:57

Software Developer

11
1

This is basically the same as [this answer](https://stackoverflow.com/a/24019816/3367799). Please don't repost answers. – JJJ Apr 13 '19 at 13:21

score 0 · Answer 3 · edited May 23 '17 at 12:25

0

If restarting your shell on Widows (after setting the whitelist) doesn't work, a workaround would be to use the port 443 for your ssh git session.
See this answer, also detailed in GitHub "using ssh over the https port".

Or you can try and switch to an https url, if your server supports it.

edited May 23 '17 at 12:25

Community

1
1

answered May 31 '14 at 05:01

VonC

1,262,500
529
4,410
5,250

no idea if the server supports https url (still not very familiar with git). I was hoping to be able to unblock those ports somehow instead of a work around. – Karen Jun 03 '14 at 16:00
@Karen is that server a known git hosting repo service? (like GitHub or BitBucket). Or is it a private server? – VonC Jun 03 '14 at 16:02
VonC - private hosting – Karen Jun 03 '14 at 16:05

Windows Firewall, Tinywall and GIT

3 Answers3

Linked