Category Archives: DevOps notes

Quickstart a git Linux box for repository sharing

I had the need to quick setup a Linux box for some git over ssh repository sharing. What follows are my DevOps notes on this task and setup.

Setup

If not already installed, install openssh-server and git by

sudo yum install openssh-server
sudo yum install git

or

sudo apt-get install openssh-server
sudo apt-get install git

add a ‘git’ user by:

sudo adduser --disabled-password git

or

sudo useradd --disabled-password git

Configuration of /etc/ssh/sshd_config

As I preferred to keep the option PasswordAuthentication yes as-is in the configuration of sshd, then I proceeded add following snippet at the end of the file:

Match User git
PasswordAuthentication no

Check setting of AuthorizedKeysFile option, comes handy next section

Configuration of Authorized Keys

Some system have ‘AuthorizedKeysFile‘ option configured in /etc/ssh/sshd_config as: ‘AuthorizedKeysFile %h/.ssh/authorized_keys‘ hence can follow the following document
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/managing-users.html
Example

sudo su - git
mkdir .ssh
chmod 700 .ssh
touch .ssh/authorized_keys
chmod 600 .ssh/authorized_keys

Then add to .ssh/authorized_keys one line per each of the authorized clients their SSH public keys, in the example form of:

ssh-rsa AAA<...>AbcdE== client1
ssh-rsa AAA<...>fgHiL== client2

This setup is ok for most system setups.

However, some other system have ‘AuthorizedKeysFile‘ option configured in /etc/ssh/sshd_config as: ‘AuthorizedKeysFile /etc/ssh/keys/%u_authkeys.pub‘ or similar, hence add (following previous example) to ‘/etc/ssh/keys/git_authkeys.pub‘ one line per each of the authorized clients their SSH public keys, in the example form of:

ssh-rsa AAA<...>AbcdE== client1
ssh-rsa AAA<...>fgHiL== client2

Ensure bash is used

Check /etc/passwd is setup as example form of:

git:x:123:123::/home/git:/bin/bash

Setup bare git project repository

Connect via ssh using the git account, or alternatively still via SSH but using another account and then command ‘sudo su - git‘, do the following commands:

cd ~
mkdir <git-project-name>.git
cd ~/<git-project-name>.git
git --bare init

Setup push with Eclipse

Add a remote, for example from “repository view” of the project, “Remotes” node, “Create remote…” and option by configure push URI:

ssh://git@<remoteserver>/~/<git-project-name>.git

A git ssh box1
A git ssh box2
A git ssh box3

For refs mapping I prefer to push all the branches given it’s a private remote server

From    refs/heads/*    To  refs/heads/*

A git ssh box4
A git ssh box5
A git ssh box6

Conclusion

It’s very convenient to setup a Linux box for git repository sharing via ssh.