I user remote logins alot so i dont want the git keys to be the same as the remote login users.. This way the git user can only mess with the repos and cant sudo to anything.
The simplest way to setup a private and secure git repo is to use ssh, avoid packages like gitosis et al, as they complicate the system setup needlessly.
Start of with installing git.
sudo apt-get -y install git-core
Setup a git user with(without sudoer rights);
sudo useradd --home /home/git --shell /bin/sh git sudo su -l git mkdir ~/.ssh chmod 700 ~/.ssh mkdir ~/repos
Now to setup a repo do the following:
sudo su -l git cd ~/repos git init --bare testing.git
Now your remote repo url (and username) is;
ssh://git@server.ip.address/~/repos/testing.git
But it can be checked out locally with:
git clone ~git/repos/testing.git
Check out the local version and confirm it.
For the remote a client is needed. TortoiseSVN was big favorite of mine. So im going for TortoiseGIT as my client. To setup it up you need to install Msysgit then tortiseGIT.
http://code.google.com/p/msysgit/downloads/list
http://code.google.com/p/tortoisegit/downloads/list
When I tried to check out my repo the clone failed on me due to the "PermitRootLogin no" and "PasswordAuthentication no" settings in my sshd_config fix it with
sudo su -l gitadmin sudo vi /etc/ssh/sshd_config
And add the user "git" to you AllowUsers line and install
AllowUsers git
Setup the remote users ssh key with PuttyGen and then add your ssh users pub key to the git user so that the client can login and pull/push the repo
sudo vi ~git/.ssh/authorized_keys
And then restart ssh and confirm the download of the admin settings:
sudo /etc/init.d/ssh restart
Refer:
http://book.git-scm.com
No comments:
Post a Comment