On Thursday, February 7, 2019 at 2:17:19 PM UTC, Marcus Linsner wrote:
> On Thursday, February 7, 2019 at 1:44:00 PM UTC, Marcus Linsner wrote:
> > On Thursday, February 7, 2019 at 1:04:07 PM UTC, Marcus Linsner wrote:
> > > On Thursday, February 7, 2019 at 12:57:39 PM UTC, Marcus Linsner wrote:
> > > > Sometimes github.com resolves to 192.30.253.112 and .113 and today(at
> > > > least) they don't allow port 22 ssh, so `git push` fails like
> > > > ssh: connect to host github.com port 22: No route to host
> > > >
> > > > I noticed however that when it resolves to something like 140.82.112.40
> > > > (unsure exactly the IP) then ssh works and `git push` succeeds!
> > >
> > > the working IP is 140.82.118.3
> >
> > grreat, now not even that IP works anymore:
> > ssh: connect to host github.com port 22: No route to host
> >
> > i'm guessing some epic sshd bug is being exploited? :D silly speculation(s)
>
> ok, it's because of Qubes because having a rule in Firewall like "github.com"
> "ssh" "tcp" which apparently adds an iptables(?) rule based on resolved IP at
> the time(of AppVM start?), and github having changing IPs ("We do not
> recommend whitelisting by IP address," from:
> https://help.github.com/articles/about-github-s-ip-addresses/ )
>
> so basically, it was my fault :)
oh and I forgot to mention that because ping always works even if everything
else is denied(in AppVM's Firewall tab), it threw me off :) it's a Qubes
feature, I know.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/deddad62-b99d-45eb-9df2-317f4cf35bdc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
