How do I use xinetd to forward port 22 for SSH connections to Bitbucket Server

関連コンテンツ

  • 関連コンテンツがありません

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

このページの内容はサポート対象外のプラットフォームに関連しています。したがって、アトラシアン サポートではこのページの記載内容のサポートの提供は保証されません。この資料は情報提供のみを目的として提供されています。内容はお客様自身の責任でご利用ください。

目的

By default, Bitbucket Server listens for SSH connections on port 7999, this guide will help forward port 22 so that SSH operations can be accessed at ssh://git@bitbucket.mycompany.com/PROJECT/repo.git instead of ssh://git@bitbucket.mycompany.com:7999/PROJECT/repo.git. The default sshd service will need to be moved to an alternative port other than 22.

This is an alternative to using HAProxy as described in Setting up SSH port forwarding.

ソリューション

Single IP Address Available

  • Using the package manager for your distribution (apt-get, yum, or rpm), install xinetd

  • Create a configuration file named bitbucket_ssh under /etc/xinetd.d with the following content

    service bitbucket_ssh
{
        disable         = no
        type            = UNLISTED
        socket_type     = stream
        protocol        = tcp
        user            = nobody
        wait            = no
        redirect        = 127.0.0.1 7999
        port            = 22
}
  • Restart xinetd with /etc/init.d/xinetd restart
  • Once port forwarding is set up, you will need to configure the SSH base URL in Bitbucket Server so that the clone urls presented in Bitbucket Server indicate the correct host and port to clone from. See the SSH base URL section in Enable SSH access to Git repositories.

Multiple IP Addresses Available

This option is available if more than one IP address is available on the server. sshd_config will need to be modified so that it listens to only one of the IP addresses.


  • Using the package manager for your distribution (apt-get, yum, or rpm), install xinetd

  • Create a configuration file named bitbucket_ssh under /etc/xinetd.d with the following content

    service bitbucket_ssh
{
        disable         = no
        type            = UNLISTED
        socket_type     = stream
        protocol        = tcp
        user            = nobody
        wait            = no
        redirect        = 127.0.0.1 7999
        bind            = 192.168.1.11
        port            = 22
}

  • Modify /etc/ssh/sshd_config so that it will only bind to one of the IP addresses (different from what xinetd is listening on

    /etc/ssh/sshd_config 
    # Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 22

# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
ListenAddress 192.168.1.10
ListenAddress 127.0.0.1
Protocol 2

# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
  • Restart xinetd with /etc/init.d/xinetd restart
  • Restart sshd with service sshd restart
  • Once port forwarding is set up, you will need to configure the SSH base URL in Bitbucket Server so that the clone urls presented in Bitbucket Server indicate the correct host and port to clone from. See the SSH base URL section in Enable SSH access to Git repositories.
最終更新日: 2016 年 2 月 19 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する

関連コンテンツ

  • 関連コンテンツがありません
Powered by Confluence and Scroll Viewport.