[cfarm-users] Unable to git pull on gcc112

Jacob Bachmeyer jcb62281 at gmail.com
Thu Mar 31 01:52:23 CEST 2022

Vincent Lefevre via cfarm-users wrote:
> On 2022-03-29 22:01:26 -0500, Jacob Bachmeyer via cfarm-users wrote:
>> Jeffrey Walton via cfarm-users wrote:
>>> When I try git://github.com/weidai11/cryptopp/:
>>> $ git pull
>>> fatal: remote error:
>>>  The unauthenticated git protocol on port 9418 is no longer supported.
>> While this does not help you, the root of this latter problem seems to be
>> that GitHub has decided to deliberately break compatibility with one of
>> Git's standard features using "security" as an excuse.  This is, of course,
>> ridiculous for public repositories, since public repositories are, well,
>> public.
> Even though they are public, you still need to have a way to
> authenticate the host to ensure that you will not connect to
> a fake server (in particular with "git clone").

Easily solved by checking the HEAD commit against a known-good ID; 
either the origin tracking branch in your local copy, or as I have done 
in the past with GitHub, by looking at the (HTTPS) Web page.  If those 
IDs match, you have the correct data, with overwhelming probability.  If 
they do not match, find the differences and you have just caught an 
attacker in the act.

The solution, in short, is to authenticate the _data_ (which actually 
matters) instead of the _server_ (which is actually irrelevant here; an 
honest "ghost mirror" is fine and a dishonest origin is bad).

-- Jacob

More information about the cfarm-users mailing list