1

My goal is to push a Git repository with SSH onto a server instance on a new hosting service.

I am following the documentation of the new hosting service, and one of the steps is:

git remote add xyz $ssh+git://{instance_id}@git.{datacenter_id}.xyz.net/default.git

But, I am afraid to run this, it requires me to connect my local computer with this server. This is the first time I am using git push and SSH.

My question is, that is this line correct and safe to run?

There is also a Git endpoint fingerprint in the documentation, am I supposed to do anything with that?

Improve this question
2
  • Do you expect it to be significantly different than e.g. your computer connecting to an HTTP or FTP server?
    – grawity_u1686
    Commented Sep 2, 2022 at 14:54
  • 2
    Not sure I understand what you're concerned about? Any remote you add, regardless of protocol, is going to require you to connect your local computer with the remote server.
    – squillman
    Commented Sep 2, 2022 at 15:13

1 Answer 1

Reset to default
2

Yes this is safe to run, provided you have enough trust in the new host to put your code in it.

The SSH connection will be used by your local git executable, so its not like the server can do weird things to you by connecting to it. I suppose that they could use a custom SSH or GIT server that implements an exploit for some vulnerability in either git or ssh_client on connected systems, but neither is very likely.

if you trust the remote enough to put your code on it, you should trust it enough to connect to it via SSH+git.

the fingerprint is likely the fingerprint of the SSH host key, so that you can verify that the server you think you are connecting to is actually the server you are connected to, and tell if that ever changes.

Improve this answer
1
  • 1
    Thanks a lot for the detailed answer! I appreciate it!
    – U13-Forward
    Commented Sep 3, 2022 at 1:55

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .