[aur-general] ssh access on port 443
Hi My firewall is restrictive and won't allow outgoing traffic on tcp/22. github.com and gitlab.com both provide alternative addresses that use tcp/443. Is there something like this for AUR? I know I can just use a general proxy, but I don't have access to another network or computer to host my own, and all public VPNs and proxies that work in this network are slow. Thanks eNV25
Many VPS providers have cheap "starter" plans at $3-4 per month that you can use to self-host your own. It's not ideal, but it might be your only solution. -------- Original Message -------- On Apr 18, 2022, 09:24, eNV25 via aur-general wrote:
Hi
My firewall is restrictive and won't allow outgoing traffic on tcp/22.
github.com and gitlab.com both provide alternative addresses that use tcp/443. Is there something like this for AUR?
I know I can just use a general proxy, but I don't have access to another network or computer to host my own, and all public VPNs and proxies that work in this network are slow.
Thanks eNV25
Oracle, Amazon, and Google provide VMs within their free tiers. There are a number of shell-only providers out there too (e.g. SDF) that you could conceivably use for SSH forwarding. On 18/04/2022 14:43, Ryan via aur-general wrote:
Many VPS providers have cheap "starter" plans at $3-4 per month that you can use to self-host your own. It's not ideal, but it might be your only solution.
-------- Original Message -------- On Apr 18, 2022, 09:24, eNV25 via aur-general wrote:
Hi
My firewall is restrictive and won't allow outgoing traffic on tcp/22.
github.com and gitlab.com both provide alternative addresses that use tcp/443. Is there something like this for AUR?
I know I can just use a general proxy, but I don't have access to another network or computer to host my own, and all public VPNs and proxies that work in this network are slow.
Thanks eNV25
As slow as it is, have you tried using Tor, you are only pushing pulling PKGBUILD files, not gigabytes of data. Offtopic; does the AUR or any part of Arch offer .onion services? On April 18, 2022 5:42:55 PM UTC, Jonathon Fernyhough via aur-general <aur-general@lists.archlinux.org> wrote:
Oracle, Amazon, and Google provide VMs within their free tiers.
There are a number of shell-only providers out there too (e.g. SDF) that you could conceivably use for SSH forwarding.
On 18/04/2022 14:43, Ryan via aur-general wrote:
Many VPS providers have cheap "starter" plans at $3-4 per month that you can use to self-host your own. It's not ideal, but it might be your only solution.
-------- Original Message -------- On Apr 18, 2022, 09:24, eNV25 via aur-general wrote:
Hi
My firewall is restrictive and won't allow outgoing traffic on tcp/22.
github.com and gitlab.com both provide alternative addresses that use tcp/443. Is there something like this for AUR?
I know I can just use a general proxy, but I don't have access to another network or computer to host my own, and all public VPNs and proxies that work in this network are slow.
Thanks eNV25
On 22-04-18 17:50, aur--- via aur-general wrote:
As slow as it is, have you tried using Tor, you are only pushing pulling PKGBUILD files, not gigabytes of data.
Offtopic; does the AUR or any part of Arch offer .onion services?
I don't think we do, is there actually any interest in this? -- George Rawlinson
On Tue, Apr 19, 2022 at 08:16:10AM +0000, George Rawlinson via aur-general wrote:
On 22-04-18 17:50, aur--- via aur-general wrote:
As slow as it is, have you tried using Tor, you are only pushing pulling PKGBUILD files, not gigabytes of data.
Offtopic; does the AUR or any part of Arch offer .onion services?
I don't think we do, is there actually any interest in this?
-- George Rawlinson
I had raised this back in 2015 and the suggestion was shot down pretty hard back then. https://lists.archlinux.org/pipermail/aur-general/2015-June/030939.html However, there were some useful suggestions last time around: It may be possible to use the following by itself, or in combination with a VPS as others have mentioned. http://gitolite.com/git-over-proxy.html Fortunately, I'm no longer in a position where this is necessary for my own work, though I too recall the difficulty in sharing packages with tcp/22 closed/blocked/inaccessible. I'm hopeful that with the latest changes to AUR and with some new TU's in the group, perhaps some opinions have changed to reconsider this option. Cheers, -- Tom Swartz
On Tue, Apr 19, 2022 at 08:45:10AM -0400, tom@tswartz.net wrote:
On Tue, Apr 19, 2022 at 08:16:10AM +0000, George Rawlinson via aur-general wrote:
On 22-04-18 17:50, aur--- via aur-general wrote:
As slow as it is, have you tried using Tor, you are only pushing pulling PKGBUILD files, not gigabytes of data.
Offtopic; does the AUR or any part of Arch offer .onion services?
I don't think we do, is there actually any interest in this?
-- George Rawlinson
I had raised this back in 2015 and the suggestion was shot down pretty hard back then. https://lists.archlinux.org/pipermail/aur-general/2015-June/030939.html
However, there were some useful suggestions last time around: It may be possible to use the following by itself, or in combination with a VPS as others have mentioned. http://gitolite.com/git-over-proxy.html
Fortunately, I'm no longer in a position where this is necessary for my own work, though I too recall the difficulty in sharing packages with tcp/22 closed/blocked/inaccessible.
I'm hopeful that with the latest changes to AUR and with some new TU's in the group, perhaps some opinions have changed to reconsider this option.
Cheers, -- Tom Swartz
Apologies, to be clear; I had raised the issue about ssh on tcp/443; not the .onion services. Incidentally, I have also found my old AUR bug report/feature request about the same, and (at the time) did not appear to be a difficult feature to implement: https://bugs.archlinux.org/task/45364 I have no idea how it stands currently, 6.5 years later. Cheers, -- Tom Swartz
On Tue, Apr 19, 2022 at 6:25 PM tom--- via aur-general <aur-general@lists.archlinux.org> wrote:
Apologies, to be clear; I had raised the issue about ssh on tcp/443; not the .onion services.
Incidentally, I have also found my old AUR bug report/feature request about the same, and (at the time) did not appear to be a difficult feature to implement: https://bugs.archlinux.org/task/45364 I have no idea how it stands currently, 6.5 years later.
Cheers,
-- Tom Swartz
This bug report is a bit confusing because it talks about "SSH over HTTPS" or "Git over HTTPS". What I mean is making the SSH server listen on an additional endpoint (eg. ssh.aur.archlinux.org:443). This should only need some kind of TCP forwarding or proxying. https://about.gitlab.com/blog/2016/02/18/gitlab-dot-com-now-supports-an-alte... https://docs.github.com/en/authentication/troubleshooting-ssh/using-ssh-over...
On Tue, Apr 19, 2022 at 08:34:10PM +0530, eNV25 wrote:
On Tue, Apr 19, 2022 at 6:25 PM tom--- via aur-general <aur-general@lists.archlinux.org> wrote:
Apologies, to be clear; I had raised the issue about ssh on tcp/443; not the .onion services.
Incidentally, I have also found my old AUR bug report/feature request about the same, and (at the time) did not appear to be a difficult feature to implement: https://bugs.archlinux.org/task/45364 I have no idea how it stands currently, 6.5 years later.
Cheers,
-- Tom Swartz
This bug report is a bit confusing because it talks about "SSH over HTTPS" or "Git over HTTPS".
Indeed. This was my mistake in confusing the terms those years ago.
What I mean is making the SSH server listen on an additional endpoint (eg. ssh.aur.archlinux.org:443). This should only need some kind of TCP forwarding or proxying.
https://about.gitlab.com/blog/2016/02/18/gitlab-dot-com-now-supports-an-alte... https://docs.github.com/en/authentication/troubleshooting-ssh/using-ssh-over...
The end result is indeed what you describe above, I simply had difficulty explaining the request at the time. -- Tom Swartz
On Mon, Apr 18, 2022 at 11:21 PM aur--- via aur-general <aur-general@lists.archlinux.org> wrote:
As slow as it is, have you tried using Tor, you are only pushing pulling PKGBUILD files, not gigabytes of data.
Since Tor doesn't work directly, I'm using Tor through Psiphon (https://psiphon.ca/en/). I can't use Psiphon directly either because it doesn't support tcp/22.
participants (6)
-
aur@nullvoid.me
-
eNV25
-
George Rawlinson
-
Jonathon Fernyhough
-
Ryan
-
tom@tswartz.net