How to configure GIT remotes with FTPS
This document explains how to configure an Redhat 8 Attune node to use FTP with Explicit for version control. This method is a way of using the FTP protocol but in a secure way. When FTP makes a TCP connection, it is encrypted end to end so the data can not be read in transit.
Install
Install openssl
Check to see if OpenSSL is installed on the Attune host:
1dnf list installed openssl
If it is not installed, install it with:
1dnf install openssl
Install GIT
Git only needs to be installed if it is not already, to check
if git is installed, run: dnf list installed git
To install git, run:
dnf install git
Install git ftp
GIT_FTP is required for the FTP Transfer. The project can be found here: https://github.com/git-ftp/git-ftp
To install git_ftp run:
1# as the attune user
2curl https://raw.githubusercontent.com/git-ftp/git-ftp/master/git-ftp > $HOME/bin/git-ftp
3chmod 755 $HOME/bin/git-ftp
This downloads the script and makes it executable in the Attune users binary directory.
Install curl-devel package
The curl-devel package includes the header files and libraries necessary to develop applications that handle HTTP or FTP transactions using the cURL library.
To install the package, run:
1dnf install -y curl-devel
Install openssl-devel package
To install the package, run:
1#as root
2dnf install -y openssl-devel
Build curl v8
git_ftp utilised curl for the ftp transfer. curl Version 8 or greater needs to be installed but this is no always
available in RHEL8 repositories. It is important that this version of curl is installed in the users bin
directory so that replacing the system version does not cause anything to break.
Install Dev Tools:
1sudo yum groupinstall -y "development tools"
Download curl version 8:
1curl --output bin/curl-8.5.0.tar.gz https://curl.se/download/curl-8.5.0.tar.gz
Extract the file:
1tar -xvf curl-8.5.0.tar.gz
Change into the directory:
1cd curl-8.5.0
Configure curl
1./configure --with-openssl --prefix=$HOME
Build curl
1make
Warning
Ensure that the install path is /home/attune/bin
Install curl
1make install
Add the Attune users bin directory to the PATH.
1cat <<'EOF' >> ~/.bashrc
2
3# Add Path for GIT FTP
4export PATH="$HOME/bin:$PATH"
5
6EOF
Source the bashrc file
1source ~/.bashrc
Check that the version is v8
1curl --version
Note
If the version is not v8, you need to check that /home/attune/bin
is in the $PATH
variable.
Configure the Repository
Configure the git ftp repository settings
In your project repository, run:
1git config git-ftp.user "<username>"
2git config git-ftp.url "<URL>"
3git config git-ftp.password "<password>"
Warning
It is not secure to store the users password in plain text. git_ftp can use the -P flag to prompt the users password.
Note
The url must specify explicit TLS like ftpes://<hostname>:<port><path_to_file>.git
The path is the relative path from the FTP session root.
Run GIT INIT
Running git init in an existing repository is safe. It will not overwrite things that are already there. The primary reason for rerunning git init is to pick up newly added template..
For example:
1git ftp init -P --disable-epsv -v --insecure "ftpes://10.211.55.2:21/trace-configuration-script.git"
-P asks the user to manually enter the password
–disable-epsv Disables Extended Passive Mode
– insecure Does not check the certificate
How to use Git FTP
To push a file
In your repository, run:
1git ftp push -P --disable-epsv -v --insecure
Git FTP Reference
For a list of git-ftp reference, see: git_ftp reference guide
Troubleshooting
For troubleshooting instructions, see How to Troubleshoot Git FTP
Appendix
Prerequisites
The Prerequisites for FTPES are:
GIT installed.
GIT_FTP installed.
CURL version 8
OpenSSL is installed
Curl Devel