1

Please help

I'm attempting to communicate with git / github on a linux ubuntu server via SSH while also having a different port for SSH ( not 22 ). When I attempt to git clone, I am using this command:

$ git clone -v [git@github.com:12345]:username/project-web.git myfolder

It hangs for about 3 minutes then I get this output:

Cloning into 'myfolder'...
ssh: connect to host github.com port 12345: Connection timed out
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

I have my firewall ( UFW ) setup correctly; I can successfully SSH and connect to the server. This is my UFW configuration:

22                         DENY        Anywhere
12345/tcp                  ALLOW       Anywhere
12345                      ALLOW       Anywhere
22/tcp                     DENY        Anywhere
22 (v6)                    DENY        Anywhere (v6)
12345/tcp (v6)             ALLOW       Anywhere (v6)
12345 (v6)                 ALLOW       Anywhere (v6)
22/tcp (v6)                DENY        Anywhere (v6)

And this is my ~/.ssh/config file:

Host github.com
    User git
    Hostname github.com
    IdentityFile ~/.ssh/deploy
    IdentitiesOnly yes
    Port 12345

and my /etc/ssh/sshd_config file:

...
Port 12345
...

I've tried these other related SO answers and still no luck:

git remote add with other SSH port

Git On Custom SSH Port

What am I doing wrong? Am i using the wrong command? I've tried many of the commands in the related answers above, still no luck.

Zac
  • 1,719
  • 3
  • 27
  • 48
  • Note that `git` != `github`--github is a cloud service that uses the git protocol. You are trying to connect to `github.com` on port 12345 which times out as I'd expect. Do you want to connect *from* the 'linux server' to `github` or from another workstation to the 'linux server'? – karmakaze Dec 29 '19 at 06:54
  • @karmakaze yes, I'm using `github` and I understand that part. I'm just trying to use `git` with `github` via SSH through another port. To clone, pull, checkout, etc. Is it something wrong with my `~/ssh/config` file maybe? – Zac Dec 29 '19 at 06:58
  • 1
    There is no setting on `github.com` that I'm aware of that lets you choose what port to connect to their service on. It's always https (port 443) or ssh (port 22). – karmakaze Dec 29 '19 at 06:59
  • To put it another way, when you knock on GitHub's door and they say "who is it" and you say "port 12345", they say "go away, we don't like you." You must say "port 22" first. It's perfectly OK to block *inbound* connections on port 22; don't block *outbound* ones, and don't try to use a different port when talking to GitHub. – torek Dec 29 '19 at 07:01
  • Note that running your own inbound ssh server on a nonstandard port is fine, and offers you some minor advantages, but doesn't give you a huge amount of security: someone running a port scanner can see that your system answers on that port, and can then probe to see what might be running on that port, and figure out that it's an ssh server. – torek Dec 29 '19 at 07:03
  • thanks gentlemen for the help, I know what to do now thanks to everyone in this thread. thanks – Zac Dec 29 '19 at 18:30

2 Answers2

2

In short you can't change the port on which the remote service is listening. You are trying to use non-default port 12345 with github.com This is not going to fly. Also changing stuff in /etc/ssh/sshd_config is totally irrelevant here. It changes the behavior of your sshd (i.e. if someone tries to ssh or git@ssh to your machine).

Btw. you can test your ssh connection to github w/ this one-liner:

ssh -T git@github.com

Note that any non-default port will hang the connection (ssh -T git@github.com -p 12345)

Jiri Kremser
  • 12,471
  • 7
  • 45
  • 72
  • Ok thanks, I was starting to think that github just won't handle other port numbers. Appreciate everyone thank you guys – Zac Dec 29 '19 at 18:29
1

First, if you want your ~/.ssh/config to be taken into account, your SSH URL should be

github.com:username/project-web.git

(no git@, no :12345)

Second 12345 would only work with a reverse proxy, which would then redirect to port 22 or 443 (when "Using SSH over the HTTPS port").
Regarding port 443, the Hostname would then be ssh.github.com.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250