Stop hanging on git ssh

If a git fetch/clone/submodule URL points to gitlab, github, bitbucket, etc and that repo does not exist any more, those services will prompt the user for a username/password so that the service can check if its a private repo. Private repos show up the same as non-existent repos. This employs two techniques for making sure that git never waits at those prompts. It instead should just fail immediately. The buildserver has been hanging on these prompts forever, until manually killed. This change will apply to updates both on the buildserver host, and the buildserver guest vm.

This uses the "insteadOf" git config option to rewrite URLs to always use HTTPS and then include a fake username/password so that git will use those in the prompts and fail immediately. This trick has been in use on the verification server for a long while and has been working well. It has also been used on jenkins.debian.net in the host. https://f-droid.org/en/docs/Verification_Server/

It also includes GIT_TERMINAL_PROMPT, which also prevents the bad behavior, which was added in git 2.3. https://github.com/blog/1957-git-2-3-has-been-released

We never allow git via SSH or password/key access, and right now, this causes things to hang forever. This sets things up to fail quickly with invalid ssh connections.

BatchMode=yes - passphrase/password querying will be disabled.

StrictHostKeyChecking=yes - never automatically prompt, or add host keys to the ~/.ssh/known_hosts file, and refuse to connect to hosts whose host key has changed.

This also upgrades git in the buildserver VM to 2.11 from jessie-backports to assist with all this.