#Service-Terminal
#install git
Reference link: http://tzhennan.iteye.com/admin/blogs/2410564
#View version
$ git --version
git version 1.8.3.1
#Create a git user to manage the git service and set a password for the git user
$ id git
id: git: no such user
$ useradd git
$ passwd git
#create git repository
$ mkdir -p /data/git/test.git
$ git init --bare /data/git/test.git
Initialized empty Git repository in /data/git/test.git/
$ chown -R git:git test.git/
#client
#install git
Reference link: http://tzhennan.iteye.com/admin/blogs/2410564
#Client clone remote warehouse
$ git clone [email protected]:/data/git/test.git
Cloning into 'test'...
[email protected]'s password:
warning: You appear to have cloned an empty repository.
#If SSH is not using the default port 22, you need to use the following command (assuming the SSH port number is 7700)
$ git clone ssh://[email protected]:7700/data/git/test.git
$ git pull
[email protected]'s password:
Your configuration specifies to merge with the ref 'master'
from the remote, but no such ref was fetched.
#Solution steps:
$ touch README
$ git add -A
$ git commit -m "add README"
$ git push -u origin master
[email protected]'s password:
Counting objects: 3, done.
Writing objects: 100% (3/3), 206 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote: error: insufficient permission for adding an object to repository database ./objects
remote: fatal: failed to write object
error: unpack failed: unpack-objects abnormal exit
To [email protected]:/data/git/share.git
! [remote rejected] master -> master (unpacker error)
error: failed to push some refs to '[email protected]:/data/git/share.git'
#Server side set warehouse permissions
$ chown -R git:git share.git/
#Prompt for git password every time git pull
Client creates ssh public and private keys
$ ssh-keygen -t rsa -C "[email protected]"
At this time, there will be two more files id_rsa and id_rsa.pub under ~/.ssh
id_rsa is the private key
id_rsa.pub is the public key
Server-side git open RSA authentication
Go to the /etc/ssh directory and edit sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
Save and restart the sshd service
$ systemctl restart sshd.service
It is known from AuthorizedKeysFile that the storage path of the public key is .ssh/authorized_keys, which is actually $Home/.ssh/authorized_keys. Since the user who manages the git service is git, the actual path to store the public key is /home/git/.ssh /authorized_keys
$ cd /home/git
$ mkdir .ssh
Change the owner of the .ssh folder to git
$ chown -R git:git .ssh
Import the client public key into the server /home/git/.ssh/authorized_keys file
$ ssh [email protected] 'cat >> .ssh/authorized_keys' < ~/.ssh/id_rsa.pub
The permission of the server to modify the .ssh directory is 700
$ chmod 700 .ssh
The permission of the server to modify the .ssh/authorized_keys file is 600
$ chmod 600 authorized_keys
Question 1
$ ssh [email protected] 'cat >> .ssh/authorized_keys' < ~/.ssh/id_rsa.pub
bash: .ssh/authorized_keys: Permission denied
Solution:
Change the owner of the .ssh folder to git
$ chown -R git:git .ssh
Question 2
$ git pull
ssh: connect to host 172.17.0.2 port 22: Connection refused
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Solution:
The server starts the sshd service
$ systemctl start sshd.service