How to get Read+Write access to github via plink?

Question

SSH access to github has been blocked in China, I followed this tutorial to setup a ssh tunnel:

$ plink -N myuser@myhomessh.com -pw mypassword -L 9418:github.com:9418
$ git clone git://localhost/someuser/someproject.git

I cannot push code to github via a Git Read-Only url.
So I try this:

$ git clone git@localhost:someuser/someproject.git
Cloning into 'someproject'...
git@localhost's password: 

Something is wrong here. I have added ~/.ssh/id_rsa.pub to github.

Answer 1

With your SSH tunnel, you are creating a tunnel to port 9418. There runs the simple git server which only allows unauthenticated read-only access. You can not push there. Notice that in your first example., you used the git:// protocol, which indicates that it connects to port 9418 and uses that protocol.

In your seconds example, you are trying to use git over SSH, which creates a connection on port 22. You can use something like this to create the SSH tunnel (assuming you already have an SSH server running locally which already listens to port 22 locally)

plink -N myuser@myhomessh.com -pw mypassword -L 2222:github.com:22
git clone ssh://git@localhost:2222/someuser/someproject.git

Answer 2

Well, the git clone git@localhost:someuser/someproject.git command tries to connect to your localhost using SSH (on port 22). I dunno though why it's asking for the credentials (as if something's listening on this port).

To me it appears that the only sensible way to overcome that brain-dead restriction is to set up an SSH jumphost located in some IP subnet which does not have the access blocked (that is, outside China).

Also there might be other (palliative) solutions:

• If you need to host your own code, do not use github as there are other Git hosting providers which might not have access to them blocked.
• If you need to push to a project you do not own, you could resort to suboptimal ways of contributing code: mailing patch series or git bundle'd changesets to the maintainer or another person willing to sponsor getting your code in.

Update: well, I re-read your answer, and it seems that you do really have some sort of SSH server running on localhost. So, to clarify: the SSH key used to authenticate at github is used by your client when talking with github's SSH server, not with your local SSH server. I mean, to clone a repo from github using the git:// protocol you did not have to set up any sort of a tunnel at all. And to get to github via SSH you invariably have to connect to github via SSH, which is blocked. It would be great if github had another port (not 22) to accept SSH connections on. But I do not know if they have something like this available.