Which port must I ask to open to clone a git repository from bitbucket?

We're deploying a project on a VPN of a customer.

We must do a common

git clone [email protected]:<username>/<repo_name>.git

Actually we cannot because git cannot reach bitbucket.

We resolved first issue asking that server must be able to resolve bitbucket.org, so server must contact a dns in the "wan".

But now the mantainer of customer's infrastructure asked us which ports to open.

I have not this answer so I ask you, kindly: why port must I ask to open to be able to clone a repository from bitbucket?

Solution 1:

In Git, locations in the form of [user@]server:path are interpreted as SSH addresses (and the 'clone' tool literally runs ssh [user@]server in the background).

By default, SSH connects to port 22/tcp, which is the standard SSH port. Git does not change this, and BitBucket's SSH service likewise expects connections on the standard port 22/tcp.

However, BitBucket also have an alternate server, altssh.bitbucket.org, which accepts SSH connections on port 443/tcp instead (which is normally the HTTPS port, and often is already permitted). In order to use this (e.g. if your sysadmin does not want to allow the standard port 22), you could redirect connections by creating an ~/.ssh/config which contains:

Host bitbucket.org
    HostName altssh.bitbucket.org
    Port 443
    HostkeyAlias bitbucket.org

Another alternative is to clone the repository over actual HTTPS (which uses port 443/tcp), using a regular https:// URL that you can find on the repository's page. The disadvantage is that it requires using a password (or some special token) and doesn't support SSH keypairs. (But on the other hand, for public repositories it can be more convenient than SSH.)

git clone https://<username>@bitbucket.org/<username>/<repo_name>.git