grim/hgkeeper

ebc5f568d629
Add a note about downloads and pgp verification to the readme
# Reverse Proxying
It is possible to use OpenSSH to reverse proxy to HGKeeper's SSH server. There
are a number of reasons you may want to do this: you don't want to expose
HGKeeper to your network or the internet, you want to use your existing
OpenSSH server so you don't need to specify a different port, or maybe you have
another reason we can't think of right now.
Once you have set up either a [standalone](../standalone) or
[standalone container](../standalonecontainer) instance, you can proxy it
through an OpenSSH server in a few steps.
## Prerequisites
For this to work, you will need to specify the `--external-hostname` argument
via the command line or its environment variable counterpart. If you're running
on a port other than `22222`, you'll need to do the same with `--external-port`.
You will also need `curl` installed on the machine running the OpenSSH Server.
{%
include-markdown "../includes/hguser.md"
heading-offset=1
%}
## SSH Known Hosts
Before we update the OpenSSH Server to do the remote proxy, we need to store
HGKeeper's public host keys in our `hg` user's `known_hosts` file. The
easiest way to do this is to open a shell as the `hg` user and use
`ssh-keyscan` to acquire the keys.
You can use the following commands to accomplish this. Make sure to swap in the
proper values for `<external-hostname>` and `<external-port>` for your
environment.
```sh
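# Open a shell as the hg user.
sudo su hg
# Put the options before the hostname so ssh-keyscan parses them as options.
ssh-keyscan -H -p <external-port> <external-hostname> | tee -a ~/.ssh/known_hosts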
```
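`ssh-keyscan` records whatever keys the network hands back, so it is worth checking them against a fingerprint obtained out of band before they land in `known_hosts`. The script below is an added example, not part of the HGKeeper documentation; the function name `pin_verified_keys`, the file names `pin.sh` and `scanned.txt`, and the way the expected fingerprint is obtained are assumptions.

```sh
#!/bin/sh
# Added example (not from the HGKeeper docs): append to known_hosts only the
# scanned host keys whose SHA256 fingerprint matches one obtained out of band.
#
# Assumed workflow, run as the hg user (pin.sh is a hypothetical file name):
#   ssh-keyscan -H -p <external-port> <external-hostname> > scanned.txt
#   sh pin.sh scanned.txt 'SHA256:<fingerprint read on the HGKeeper host>' \
#       ~/.ssh/known_hosts

# pin_verified_keys SCANNED EXPECTED_FP KNOWN_HOSTS
# Returns 0 if at least one key matched and was appended, 1 if none matched,
# 2 if no temporary file could be created.
pin_verified_keys() {
    pvk_scanned=$1
    pvk_expected=$2
    pvk_known_hosts=$3
    pvk_tmp=$(mktemp) || return 2
    pvk_added=0
    # Check one known_hosts line at a time so an unverified key type returned
    # by the scan (RSA, ECDSA, ...) is never written alongside the verified one.
    while IFS= read -r pvk_line || [ -n "$pvk_line" ]; do
        case $pvk_line in
            ''|'#'*) continue ;;   # skip blank lines and scan comments
        esac
        printf '%s\n' "$pvk_line" > "$pvk_tmp"
        # ssh-keygen -l accepts known_hosts lines, hashed or not; the second
        # output field is the fingerprint.
        pvk_fp=$(ssh-keygen -l -E sha256 -f "$pvk_tmp" 2>/dev/null | awk '{print $2}')
        if [ "$pvk_fp" = "$pvk_expected" ]; then
            printf '%s\n' "$pvk_line" >> "$pvk_known_hosts"
            pvk_added=$((pvk_added + 1))
        fi
    done < "$pvk_scanned"
    rm -f "$pvk_tmp"
    [ "$pvk_added" -gt 0 ]
}

# Run the check when called with the three arguments shown above.
if [ "$#" -eq 3 ]; then
    pin_verified_keys "$@" || { echo "no scanned key matched; nothing added" >&2; exit 1; }
fi
```

A non-zero exit means none of the scanned keys matched the expected fingerprint and `known_hosts` was left untouched.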
{%
include-markdown "../includes/reverseproxy/openssh.md"
heading-offset=1
%}
## Testing
You should now be able to clone the `hgkeeper` administration repository
through your existing OpenSSH Server. You can use the following command to
verify that everything has been set up correctly.
```sh
hg clone ssh://hg@example.com/hgkeeper
```
If the repository cloned, you are good to go!
If that didn't work, be sure to check the logs from your OpenSSH Server as well
as your HGKeeper instance, and be sure to double-check your configuration.