2. Git Basics
7. Git Tools
10. Git Internals
A3. Git Commands
4.4 Git on the Server - Setting Up the Server
Setting Up the Server
Let’s walk through setting up SSH access on the server side.
In this example, you’ll use the
authorized_keys method for authenticating your users.
We also assume you’re running a standard Linux distribution like Ubuntu.
First, you create a
git user and a
.ssh directory for that user.
$sudo adduser git
Next, you need to add some developer SSH public keys to the
authorized_keys file for the
Let’s assume you have some trusted public keys and have saved them to temporary files.
Again, the public keys look something like this:
You just append them to the
authorized_keys file in its
$cat /tmp/id_rsa.john.pub >> ~/.ssh/authorized_keys
$cat /tmp/id_rsa.josie.pub >> ~/.ssh/authorized_keys
$cat /tmp/id_rsa.jessica.pub >> ~/.ssh/authorized_keys
$git init --bare
Initialized empty Git repository in /opt/git/project.git/
Then, John, Josie, or Jessica can push the first version of their project into that repository by adding it as a remote and pushing up a branch.
Note that someone must shell onto the machine and create a bare repository every time you want to add a project.
gitserver as the hostname of the server on which you’ve set up your
git user and repository.
If you’re running it internally, and you set up DNS for
gitserver to point to that server, then you can use the commands pretty much as is (assuming that
myproject is an existing project with files in it):
git add .
git commit -m 'initial commit
$git remote add origin git@gitserver:/opt/git/project.git
$git push origin master
At this point, the others can clone it down and push changes back up just as easily:
$git clone git@gitserver:/opt/git/project.git
$git commit -am
'fix for the README file'
$git push origin master
With this method, you can quickly get a read/write Git server up and running for a handful of developers.
You should note that currently all these users can also log into the server and get a shell as the
If you want to restrict that, you will have to change the shell to something else in the
You can easily restrict the
git user to only doing Git activities with a limited shell tool called
git-shell that comes with Git.
If you set this as your
git user’s login shell, then the
git user can’t have normal shell access to your server.
To use this, specify
git-shell instead of bash or csh for your user’s login shell.
To do so, you must first add
/etc/shells if it’s not already there:
# see if `git-shell` is already in there. If not...
# make sure git-shell is installed on your system.
$sudo vim /etc/shells
# and add the path to git-shell from last command
Now you can edit the shell for a user using
$sudo chsh git
# and enter the path to git-shell, usually: /usr/bin/git-shell
git user can only use the SSH connection to push and pull Git repositories and can’t shell onto the machine.
If you try, you’ll see a login rejection like this:
fatal: Interactive git shell is not enabled.
hint: ~/git-shell-commands should exist and have read and execute access.
Connection to gitserver closed.
Now Git network commands will still work just fine but the users won’t be able to get a shell.
As the output states, you can also set up a directory in the
git user’s home directory that customizes the
git-shell command a bit.
For instance, you can restrict the Git commands that the server will accept or you can customize the message that users see if they try to SSH in like that.
git help shell for more information on customizing the shell.