git:// protocol blocked by company, how can I get around that?

git github

Attempting something like git clone git://github.com/ry/node.git will not work, it results in:

Initialized empty Git repository in /home/robert/node/.git/
github.com[0: 207.97.227.239]: errno=Connection timed out
fatal: unable to connect a socket (Connection timed out)

However, cloning over HTTP works fine. So far I've gathered that it's a problem with the protocol, but I'm trying to install cloud9 which is requiring the command

git submodule update --init --recursive

which is trying to use the git:// protocol and failing. Is there a way to change how that command will work or something?


Solution 1:

If this is an issue with your firewall blocking the git: protocol port (9418), then you should make a more persistent change so you don't have to remember to issue commands suggested by other posts for every git repo.

The below solution also just works for submodules which might also be using the git: protocol.

Since the git message doesn't really point immediately to the firewall blocking port 9418, lets try to diagnose this as the actual problem.

Diagnosing the Problem

References: https://superuser.com/q/621870/203918 and https://unix.stackexchange.com/q/11756/57414

There are several tools we can use to determine if the firewall causing our problem - use whichever is installed on your system.

# Using nmap
# A state of "filtered" against port 9418 (git) means
#   that traffic is being filtered by a firewall
$ nmap github.com -p http,git

Starting Nmap 5.21 ( http://nmap.org ) at 2015-01-21 10:55 ACDT
Nmap scan report for github.com (192.30.252.131)
Host is up (0.24s latency).
PORT     STATE    SERVICE
80/tcp   open     http
9418/tcp filtered git

# Using Netcat:
# Returns 0 if the git protocol port IS NOT blocked
# Returns 1 if the git protocol port IS blocked
$ nc github.com 9418 < /dev/null; echo $?
1

# Using CURL
# Returns an exit code of (7) if the git protocol port IS blocked
# Returns no output if the git protocol port IS NOT blocked
$ curl  http://github.com:9418
curl: (7) couldn't connect to host

OK, so now we have determined it is our git port being blocked by a firewall, what can we do about it? Read on :)

Basic URL Rewriting

Git provides a way to rewrite URLs using git config. Simply issue the following command:

git config --global url."https://".insteadOf git://

Now, as if by magic, all git commands will perform a substitution of git:// to https://

What Changes Did This Command Make?

Take a look at your global configuration using:

git config --list

You'll see the following line in the output:

url.https://.insteadof=git://

You can see how this looks on file, by taking a peek at ~/.gitconfig where you should now see that the following two lines have been added:

[url "https://"]
    insteadOf = git://

Want More Control?

Simply use a more complete/specific URL in the replacement. For example, to only have GitHub URLs use https:// instead of git://, you could use something like:

git config --global url."https://github".insteadOf git://github

You can run this command multiple times using different replacements. However, in the event that a URL matches multiple replacements, the longest match "wins". Only a single replacement will be made per URL.

System-Wide Changes for Sysadmins

If you're a Linux Sysadmin and you don't want your users to have to go through the above pains you can make a quick system-wide git configuration change.

Simply edit or add the following contents to /etc/gitconfig and voila your users don't have to worry about any of the above:

[url "https://"]
    insteadOf = git://

Solution 2:

Github provides http(s) access too, which is much less likely to be blocked by your company. To tell the submodule to use that, you can do this:

git submodule init
git config submodule.<name>.url https://github.com/...
git submodule update

This is actually exactly why init and update are separate commands - you can init, customize locations, then update. update --init is just a shortcut for when you don'ot need to customize any URLs.

For anyone else who happens across this, you could of course also use an ssh URL (if your company blocks git:// but not ssh), but in this case the OP presumably doesn't have SSH access to the remote repo.

Solution 3:

Another option which not involving touching git config is to change the ssh settings to use port 443 instead of the regular 22 port.

Reference: Using SSH over the HTTPS port

From that article:

edit the file at ~/.ssh/config, and add this section:

Host github.com
   Hostname ssh.github.com   
   Port 443

Afterward, I was able to successfully git push to Github. At home you can change back ssh config to the way it was if you want.

Related

How do I turn off Oracle password expiration?
npm not working - "read ECONNRESET"
How to loop through an associative array and get the key? [duplicate]
Gradle proxy configuration
What does it mean by buffer?
How do you loop in a Windows batch file?
How to programmatically set maxLength in Android TextView?
Why is __dirname not defined in node REPL?
How can I change the color of pagination dots of UIPageControl?
Log exception with traceback in python
Get protocol + host name from URL
Detecting value change of input[type=text] in jQuery