Recently, some months agoStarting from beginning of 2022, there was a policy change on accessing most git hosting services to restrict "unsecure" git repositories protocol for security issues. The Github  GitHub security access has been changed for accessing the git repositories via ssh: more information can be found in the following news [https://github.blog/2021-09-01-improving-git-protocol-security-github/ Improving Git protocol security on GitHub].

To mitigate This is already applied in DAVE BSPs published after March 2022 but older BSPs, published prior this issuechange, it will may need to be required to change the protocol access fixed manually to the repo starting with use ssh instead of <code>git://</code>to access some repositories

This Technical Note shows an example on how to modify <code>repo</code> manifest update those older releases to correctly run the Yocto build. Some ''tips & tricks'' can be found also in solve this [https://stackoverflow.com/questions/70663523/the-unauthenticated-git-protocol-on-port-9418-is-no-longer-supported stackoverflow] question.issue

== Yocto BSP repo Manifest ==Before starting DAVE Yocto BSPs uses [https://gerrit.googlesource.com/git-repo/ repo] to track the Yocto, build it is multiple layers required to check setup the BSP itself. If <code>default.xmlgit</code> manifest file for the git access protocol is used to clone some these layers, user will encounter the layers repositoriesabove issue.

Here below there is an example using the [https://wiki.dave.eu/index.php?title{{OldRevision|page=DESK-MX6-L/Development/Building_the_Yocto_BSP&oldidBuilding the Yocto BSP|revision=14300 |text=DESK-MX6-L-1.0.0] wiki }}page instructions for building the overall BSP.while fixing the manifest

=== Orginal ''default.xml''Setup with original manifest===The original file, as per <code>desk-mx6-l-1.0.1</code> tag, uses the '''<code>git''' </code> protocol for accessing the Yocto, freescale and Qt repositoriesto clone some layers:

in this case, multiple access error will be prompted by while running <code>repo sync</code>:

=== Fixed Fixing repo manifest===<code>repo</code> stores the current manifest in <code>.repo/manifest.xml</code>: this is the file that needs to be patched to solve this issue locally After <code>repo init</code> and prior <code>repo sync</code>, user need to edit <code>.repo/manifest.xml</code> to change all occurrence of <code>git://</code> protocol specifier to <code>https://</code> This can be also applied with a simple <code>sed</code> command:<syntaxhighlight lang="bash">sed -i 's/git:\/\//https:\/\//g'default.repo/manifest.xml''===The modified file</syntaxhighlight>Please note that, for <code>DESK-MX6-L-1.x.x</code>, as per this is already fixed in <code>desk-mx6-l-1.0.2</code> tag, uses the '''https''' protocol for accessing the git repositoriesrelease:

To be precise the <code>diff</code> between the two releases is:<syntaxhighlight lang="diff">diff --git a/default.xml b/default.xmlindex f4d7443..1a4d7fb 100644--- a/default.xml+++ b/default.xml@@ -3,12 +3,12 @@ <default sync-j="2"/> - <remote fetch="git://git.yoctoproject.org" name="yocto"/>- <remote fetch="git://github.com/Freescale" name="freescale"/>- <remote fetch="git://git.openembedded.org" name="oe"/>- <remote fetch="git://github.com/OSSystems" name="OSSystems"/>- <remote fetch="git://github.com/meta-qt5" name="QT5"/>- <remote fetch="git://github.com/meta-rust" name="rust"/>+ <remote fetch="https://git.yoctoproject.org" name="yocto"/>+ <remote fetch="https://github.com/Freescale" name="freescale"/>+ <remote fetch="https://git.openembedded.org" name="oe"/>+ <remote fetch="https://github.com/OSSystems" name="OSSystems"/>+ <remote fetch="https://github.com/meta-qt5" name="QT5"/>+ <remote fetch="https://github.com/meta-rust" name="rust"/> <remote fetch="https://source.codeaurora.org/external/imx" name="CAF" /> <remote fetch="ssh://git@git.dave.eu/" name="DAVE"/> </syntaxhighlight> == Other Yocto layers or Layer recipes ==This issue can be present also on other layers While most of Yocto recipes used tar (or recipes: in similar) archive to get source code, some of them download source code using git. Usually <code>https</code> protocol is used for this case, the related but in some cases <code>SRC_URI</code> may need to be updated if plain <code>git://</code> access should be changed or fixed.protocol is used (and if the git server implements GitHub like security policies)

As an workaround for the <code><nowiki>git://github.com/</nowiki></code> access, it is possible to replace the ''git'' access protocol to the ''https'' access using the [https://git-scm.com/docs/git-config#Documentation/git-config.txt-urlltbasegtinsteadOf git configuration] command: