git:// protocol blocked by company, how can I get around that?
Attempting something like git clone git://github.com/ry/node.git
will not work, it results in:
Initialized empty Git repository in /home/robert/node/.git/
github.com[0: 207.97.227.239]: errno=Connection timed out
fatal: unable to connect a socket (Connection timed out)
However, cloning over HTTP works fine. So far I've gathered that it's a problem with the protocol, but I'm trying to install cloud9 which is requiring the command
git submodule update --init --recursive
which is trying to use the git:// protocol and failing. Is there a way to change how that command will work or something?
Solution 1:
If this is an issue with your firewall blocking the git: protocol port (9418), then you should make a more persistent change so you don't have to remember to issue commands suggested by other posts for every git repo.
The below solution also just works for submodules which might also be using the git: protocol.
Since the git message doesn't really point immediately to the firewall blocking port 9418, lets try to diagnose this as the actual problem.
Diagnosing the Problem
References: https://superuser.com/q/621870/203918 and https://unix.stackexchange.com/q/11756/57414
There are several tools we can use to determine if the firewall causing our problem - use whichever is installed on your system.
# Using nmap
# A state of "filtered" against port 9418 (git) means
# that traffic is being filtered by a firewall
$ nmap github.com -p http,git
Starting Nmap 5.21 ( http://nmap.org ) at 2015-01-21 10:55 ACDT
Nmap scan report for github.com (192.30.252.131)
Host is up (0.24s latency).
PORT STATE SERVICE
80/tcp open http
9418/tcp filtered git
# Using Netcat:
# Returns 0 if the git protocol port IS NOT blocked
# Returns 1 if the git protocol port IS blocked
$ nc github.com 9418 < /dev/null; echo $?
1
# Using CURL
# Returns an exit code of (7) if the git protocol port IS blocked
# Returns no output if the git protocol port IS NOT blocked
$ curl http://github.com:9418
curl: (7) couldn't connect to host
OK, so now we have determined it is our git port being blocked by a firewall, what can we do about it? Read on :)
Basic URL Rewriting
Git provides a way to rewrite URLs using git config
. Simply issue the following command:
git config --global url."https://".insteadOf git://
Now, as if by magic, all git commands will perform a substitution of git://
to https://
What Changes Did This Command Make?
Take a look at your global configuration using:
git config --list
You'll see the following line in the output:
url.https://.insteadof=git://
You can see how this looks on file, by taking a peek at ~/.gitconfig
where you should now see that the following two lines have been added:
[url "https://"]
insteadOf = git://
Want More Control?
Simply use a more complete/specific URL in the replacement. For example, to only have GitHub URLs use https:// instead of git://, you could use something like:
git config --global url."https://github".insteadOf git://github
You can run this command multiple times using different replacements. However, in the event that a URL matches multiple replacements, the longest match "wins". Only a single replacement will be made per URL.
System-Wide Changes for Sysadmins
If you're a Linux Sysadmin and you don't want your users to have to go through the above pains you can make a quick system-wide git configuration change.
Simply edit or add the following contents to /etc/gitconfig
and voila your users don't have to worry about any of the above:
[url "https://"]
insteadOf = git://
Solution 2:
Github provides http(s) access too, which is much less likely to be blocked by your company. To tell the submodule to use that, you can do this:
git submodule init
git config submodule.<name>.url https://github.com/...
git submodule update
This is actually exactly why init and update are separate commands - you can init, customize locations, then update. update --init
is just a shortcut for when you don'ot need to customize any URLs.
For anyone else who happens across this, you could of course also use an ssh URL (if your company blocks git:// but not ssh), but in this case the OP presumably doesn't have SSH access to the remote repo.
Solution 3:
Another option which not involving touching git config is to change the ssh settings to use port 443 instead of the regular 22 port.
Reference: Using SSH over the HTTPS port
From that article:
edit the file at ~/.ssh/config, and add this section:
Host github.com
Hostname ssh.github.com
Port 443
Afterward, I was able to successfully git push to Github. At home you can change back ssh config to the way it was if you want.