Ray Kinsella's Homepage

SSL Tunnelling with nmap-ncat on Fedora 30

Consistent with the laws of un-intended consequences, when I upgraded to Fedora 30 to play with the new versions of CLang and GCC, something broke git.

More precisely, netcat which I use to traverse our corporate firewall, kept failing with "Ncat: Network is unreachable". The network is reachable, through the proxy, so whats the problem?

On closer inspection I found that the venerable nc had been silently replaced by nmap ncat. Although their executable names are the same, they are not completely command line compatible.

With nc you would have configured your .ssh/config for a SOCKS 5 proxy as follows. 

Host gerrit.fd.io
    ProxyCommand nc -x proxy.corporate.com:5000 %h %p

These should now be re-configured as follows. 

Host gerrit.fd.io
    ProxyCommand nc --proxy proxy.corporate.com:5000 --proxy-type socks5 %h %p
networking