Configuring a Git Server
Nov 19 2011 by Satyajit
There are many ways to set up a Git server. In this article I am going to show you how you can do it using the SSH protocol. First I am assuming you have a UNIX or GNU/Linux machine with you. I am not very sure if this works well on windows, I am assuming it would.
####Installing basic packages on the server
You must have ssh installed in your machine and the daemon must be running. On Fedora it comes in by default, while on Ubuntu you have to install the
openssh-server package. On a Mac the service is disabled by default. Go to System Preferences -> Sharing and enable Remote Login.
Now that you have
sshd enabled we can proceed to setting up the git server. You must have git installed in the machine, get the instructions for your machine here. For the rest of the document I am going to call the server
r2d2 and the client machine
####Creating the Repository
It is best to have a dedicated user for the git repository. I have created a user called
r2d2 and have placed my repositories inside the directory
~git/repositories. Either you can copy an existing repository or create a new one. I will show you both. To create a new repository
hello_world run this command in the repository directory.
git --init bare hello_world.git
To copy an existing repository, assuming the repository is in /var/ftp/hello_world, run
git clone --bare /var/ftp/hello_world hello_world.git
Now that you have the repository create let me show you how to access it.
####Accessing the Repository
On the client
gandalf I need to create a ssh key pair. My user on
satyajit. To create the ssh key pair I run this command:
You will see an output similar to this
Generating public/private rsa key pair. Enter file in which to save the key (/home/satyajit/.ssh/id_rsa): Created directory '/home/satyajit/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/satyajit/.ssh/id_rsa. Your public key has been saved in /home/satyajit/.ssh/id_rsa.pub. The key fingerprint is: 83:77:da:13:a9:da:26:eb:dd:7b:9a:35:59:ff:50:cd satyajit@r2d2 The key's randomart image is: +--[ RSA 2048]----+ | | | | | | | . . ..| | . S + . E| | . * . o o | | o o + . .| | .+.. +.. ..| | .++o =+ .| +-----------------+
This will create two files
id_rsa.pub is your public key. Copy this file into the server
r2d2. Lets say I copied it to
satyajit.pub. To give access to the git user add the key
satyajit.pub to the
cat ~/keys/satyajit.pub >> ~/.ssh/authorized_keys
This will copy your public key to the
authorized keys in the server. Doing this allows access to the server via ssh using the git user, without having to type in the git’s password.
To clone the repository hello_world, from your client
git clone email@example.com:~git/repositories/hello_world.git
Please note I have used the server’s IP address here, you can replace it with the host name of your server. Since git has read and write permission on the repositories folder you can push the data too.
If you want to share the repository with other users just copy their public keys and append them to the authorized_keys file.
Further if you want to prevent shell access to the system using the user
git edit the /etc/passwd file:
sudo vim /etc/passwd
At the bottom of the file you will find the
git user’s configuration:
Just replace the
/usr/bin/git-shell as shown below:
Now if you try accessing ssh using the user
git you will get a response similar to
ssh firstname.lastname@example.org fatal: What do you think I am? A shell? Connection to gitserver closed.
####Notes Please keep in mind this is definitely not the best method to use in a public network. It is suitable for a small team in a local network. When you have many users copying and managing all the public keys will become a task by itself. Stay tuned for another article on how to do that.