How to access Git running on jail?

D

divdev

Hi, I have Git + Gitosis running on a jail. The jail has a private IP. I want to be able to access the jailed repository from outside (public IP), but I don't know how to do it. I cannot redirect all packets coming through port 22 to the jail (I need ssh in the host too).

Code: 
Internet ->  (public ip : port 22) [Host Machine] -> (private ip : ssh) [Jailed Git + Gitosis]

I can access the repository internally (git clone git@192.168.1.2) but not from outside. I'm using HAProxy (on the host) to redirect domains to their respecive jails (running http servers), but didn't see any info about how to catch ssh through HAProxy.

Appreciate any help.
Thanks.
 
divdev said:
but didn't see any info about how to catch ssh through HAProxy.
Click to expand...
That's because you can't. HAProxy works by looking at the HTTP 1.1 Host: header. Obviously such a header doesn't exist in the SSH protocol.

The only way to solve this is to forward, for example, port 2222 from the outside to your jail's port 22. You will then need to connect to port 2222 instead of 22.
 
SirDice thanks "again" :), it works! It's great when things works as expected.
I found the rules to redirect on this forum, i'm using :

Code: 
# /etc/pf.conf

git-gitosis="192.168.x.x"
rdr pass on $ext_if proto tcp from any to $ext_if port 2222 -> $git-gitosis port 22

And the syntax to use git on another port :

Code: 
git clone ssh://git@example.com:<port>/<project name>

Thanks again.
 
You must log in or register to reply here.
Back
Top