On Thu, Apr 04, 2013 at 10:51:20AM -0700, Ronak Shah wrote: > Hi, > > As OS dev cycle involves Gerrit review tool which requires ssh into the > gerrit server, I was wondering if any of you guys face problems where your > company/org does not allow ssh to external hosts. > > In general, what is the best practice in terms of environment for > generating code review?
The traditional workaround when companies have insane firewalls blocking SSH, is to run an SSH server on port 443, since firewalls typically allow through any traffic on the HTTPS port, even if it isn't using the HTTPS protocol :-) This workaround only fails if your company is also doing a man-in-the-middle attack on HTTPS traffic[1] GitHub actually have an SSH server on port 443 for exactly this reason https://help.github.com/articles/using-ssh-over-the-https-port I don't know how hard it would be for OpenStack Infrastructure team to officially make Gerrit available via port 443, in addition to the normal SSH port. Regards, Daniel [1] Yes some companies really do MITM attack all HTTPS connections their employees make :-( -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp