2

I'm created user "gitproxy" on the server side, added my ssh key to its authorized keys and trying to work with git daemon over ssh:

gitproxy:~$ git daemon --port=2222 --verbose

but have the error: On client side:

o:~/git$ git clone ssh://server>:2222/home/gitproxy/git
Cloning into 'git'...
ssh: connect to host <server> port 2222: Connection refused
fatal: Could not read from remote repository.

On server-side:

[18666] Ready to rumble
[18667] Connection from 192.168.211.174:42416
fatal: protocol error: bad line length character: SSH-
[18666] [18667] Disconnected (with error)

Repo is exists. Also I normally enter this server via SSH without a password (so, my ssh key is accepted):

$ ssh gitproxy@192.168.201.84
gitproxy@192.168.201.84:~$

Also, I can get list of branches with git-receive-pack from my desktop (client side):

$ ssh gitproxy@192.168.201.84  git-receive-pack  /home/gitproxy/git
008fef8bbf80818e6b634ca56c3ef6c24e5bbdb7bf74 refs/heads/masterreport-status delete-refs side-band-64k quiet atomic ofs-delta agent=git/2.16.1
0046ef8bbf80818e6b634ca56c3ef6c24e5bbdb7bf74 refs/remotes/origin/HEAD
0048ef8bbf80818e6b634ca56c3ef6c24e5bbdb7bf74 refs/remotes/origin/master

I checked all the possible fixes that are proposed on stackoverflow. But git daemon still returns the error. I'll be very grateful for any help. Thanks in advance!

Alexander
  • 73
  • 6

3 Answers3

0

git-daemon doesn't speak SSH protocol, it speaks simple git protocol; the URLs for the protocol must start with git://, not ssh://. I.e. the URL for your server is git://192.168.201.84:2222/.

To work with a git repo over ssh you need an ssh server. So it seems you have one: at gitproxy@192.168.201.84; ok, then the URL to the repo is ssh://gitproxy@192.168.201.84/home/gitproxy/git. Another "scp-like" syntax for the same URL is gitproxy@192.168.201.84:git.

phd
  • 82,685
  • 13
  • 120
  • 165
0

The git daemon is a server that implements the git protocol, i.e. the protocol used with git://... URLs. It does not understand the SSH protocol, so when you do:

git clone ssh://<server>:2222/home/gitproxy/git

you are trying to connect to <server>:2222 via the SSH protocol (due to the ssh://... URL). The git daemon then does not understand what SSH sends to it (the SSH- in the error message is part of the initial SSH handshake).

If you actually intended to use the SSH protocol to interact with the remote repository, there is no need to use git daemon at all. By using the ssh://... URL form, git commands will use SSH to invoke the needed remote commands (the receive-pack that you manually executed for example). In that case simply drop the port specification of the URL and quit the git daemon on the server. Authentication and encryption is provided by SSH working as the transport mechanism, authorization is done using filesystem permissions.

If you really want to use git daemon and the git protocol, change the URL to be git://<server>:2222/... instead. Note that the git protocol does not provide any authentication, encryption or authorization mechanism and the repositories exposed become fully public.

mmlr
  • 1,895
  • 11
  • 17
  • Thank you so much. But I need for - - access-hook of git daemon (or any other mechanism for executing some actions when I run "git pull" on client side. – Alexander Jan 27 '18 at 23:48
0

But I need for --access-hook of git daemon (or any other mechanism for executing some actions when I run "git pull" on client side).

Then, using only SSH (an no git daemon at all), you can use the SSH forced command mechanism that I illustrate for instance with gitolite.

In the ~gitproxy/.ssh/authorized_keys, you can call any script you want which will do an action, and then call Git itself, using $SSH_ORIGINAL_COMMAND (which will include the "git-upload-pack|git-receive-pack|git-upload-archive" Git command).

You can even install gitolite itself, as it would manage the authorization part for you.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250