DEV Community

Taylor Reece
Taylor Reece

Posted on

Proxying Github Through a Bastion

Despite the status page saying otherwise, GitHub is down for part of the midwest. Though a 4-day weekend would be cool, getting access to code would be even cooler.

So... let's get to GitHub via a SOCKS proxy!

What is SOCKS?

SOCKS simply stands for "socket secure". It's a way by which you can proxy your web traffic on your computer through another system. All of your HTTP and HTTPS requests are piped through an SSH connection, and another system essentially makes connections for you on your behalf.

Why use SOCKS?

If you're either on a network that's locked down, or your network happens to be suffering an outage (like the midwest GitHub outage right now), but other networks are fine (AWS us-east-1 can hit GitHub right now), it's advantageous to have the other network make connections for you on your behalf.

Let's Make a Connection!

Alright, you're going to need a Linux box sitting somewhere that can access GitHub. I spun up an Ubuntu box in AWS's us-east-1 region, which is not experiencing an outage. I made sure I can SSH into the external box, then I ran this command on my command line:

ssh -D 1337 -q -C -N -i ~/my-key.pem ubuntu@my-endpoint
Enter fullscreen mode Exit fullscreen mode

Replace my-key.pem with your SSH private key, and my-endpoint with your EC2's endpoint. The 1337 can be changed to whatever local port you'd like to use.

Configure SOCKS Proxy

Next, on MacOS pop open your network settings, click Advanced, then under the Proxies tab select SOCKS Proxy. Enter localhost and the port you chose (like 1337):

Configure SOCKS proxy

Windows has similar settings, and if you're on Linux you probably already know what you're doing.

Head on over to WTF is My IP to verify that your browser is proxying through your EC2, then pop on over to GitHub. Your connection should proxy through AWS, and you should be able to hit the GitHub website!

We have GitHub

Configuring the GitHub CLI

Your GitHub CLI might connect at this point. That depends on it it respects your global SOCKS configuration, and if your checkout is via https:// or git://. You may need to set the http.proxy config flag, explained on this Stack Overflow post.

What if I use SSH?

If you use SSH to interact with GitHub, rather than HTTPS (which is the smart thing to do) you can pop open your SSH config file (likely at $HOME/.ssh/config) and throw in this SSH proxy config:

Host my-proxy
  HostName my-ec2-endpoint
  User ubuntu
  IdentityFile ~/my-ec2-key.pem

  ProxyJump my-proxy
Enter fullscreen mode Exit fullscreen mode

That'll make it so your SSH requests to GitHub proxy through your Bastion in AWS. Make sure you remove this later when you can directly access GitHub!

Top comments (0)