Wow, that’s a great offer.
Because I tried to containerize service with Podman, I installed gitlab on my server (I definitely need it) and linked the SSH service on a weird port, let’s say 55555 and the 80 on 8080 (no need for https, I stay inside my network and I’m working on installing squid proxy in a container to proxing all my sites (as strange as it may sound, I’m looking to use Podman instead of VM running OpenBSD(my sweet love))) <-Lisp touch ;'(.
podman run -d --restart always --hostname gitlab.arch-libertas.net --publish 8080:80 --publish 55555:22 --name gitlab docker.io/gitlab/gitlab-ce:latest
Of course we open the weird ssh ports in the active zone:
sudo firewall-cmd --add-port=55555/tcp --permanent sudo firewall-cmd --reload
idem for the http:
sudo firewall-cmd --add-port=8080/tcp --permanent sudo firewall-cmd --reload
Super cool I can use my gitlab, but, how can I connect to ssh easily on this port?
First, from the http interface, in the client’s settings, go to SSH Key and add your public key located in /home/$(whoami)/.ssh/id_rsa.pub (or id_AnotherCipher.pub), I you don’t have one, do ssh-keygen.
Then you’ll see your fingerprint added (blurred on the picture below)
Cool, I can do a ssh USER@HOST -p 55555, but what a pain in the arse with git. Wait bro, there is a solution, the ssh config file is there for you, just change USER by your gitlab username and my host by yours:
echo "Host gitlab.arch-libertas.net User USER Port 55555" >> /home/$(whoami)/.ssh/config
Now, when you ssh USER@HOST, it will automatically connect you to the host through the port configured in the config file and, if you change HOST to IP, it will connect to port 22. 🙂 in this situation, I can use different ssh ports on different services on my host just by configuring different hostnames in /etc/hosts and in ~/.ssh/config
Much more information here
For exemple you can explicit a key and force to connect by only that key adding:
IdentityFile ~/.ssh/id_rsa_gitlab IdentitiesOnly yes