GIT 胚子服务器SSH 服务

1.1. SSH 克隆方式

• 克隆裸仓库

git clone --bare my_project my_project.git

• 等同于

cp -Rf my_project/.git my_project.git

• copy 裸仓库到远程服务器

scp -r realsync.repo/ aming@121.40.220.127:/home/aming

• 检验是否成功

git clone aming@121.40.220.127:/home/aming/realsync.repo realsync.git 

对于远程服务器目录有写权限的话就可以推送。

1.2. 创建裸仓库方式

• 进入需要创建裸仓库的目录

cd install/

• 执行创建

git init --bare --shared

• SSH权限分配

• 客户端产生公钥

[git@SERVER ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/git/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/git/.ssh/id_rsa.
Your public key has been saved in /home/git/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:2AlqOJE+Y4vRHbLVfA6cyDJaXuhAZBq/EKl/u1Jsyz0 git@SERVER
The key's randomart image is:
+---[RSA 2048]----+
|+=               |
|=+ + = .         |
|= X * B .        |
|.X % o B .       |
|o.&.+ . S        |
| +.*=            |
|. .= +           |
|  . + E          |
|   ... .         |
+----[SHA256]-----+

• Git 服务器创建目录

sudo adduser git
su git
cd
mkdir .ssh && chmod 700 .ssh
touch .ssh/authorized_keys && chmod 600 .ssh/authorized_keys

• 客户端产生公钥以后

[book@SERVER .ssh]$ cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMlP7MLTs+bZAKg+RrSJFe29p9AMuQGpxijNzPkA8JDnyRLN9Y1RkC4kaEZixTNDOpWG7Bsv5vin8hcgZ39akCLgHizuVo8H1/nZqZsqHO9whXEhDpWplQtrN11qj2ZmeP+Cbtgn0KsSQYOT38v1YxiL9//hjeFGRaALgdKpMWZ9b4EEii6ESWcWgRLv4WJw0U6Ry/IjtIXk6/zgHnfY0TcSpf7n4Fm0mEox+PitkqxMF2AOOI0h5T5H2eRAYOH0Rfk19Ef0Kut60sU/JfqW/pGiuWEtjFy7+6dnZ1waMlzHoJHBy/+iGeVmVgH1xS5XdyacOH6edl7Y7KoJ+/6RaR book@SERVER

• 添加到git服务器

cat /tmp/id_rsa.john.pub >> ~/.ssh/authorized_keys
cat /tmp/id_rsa.josie.pub >> ~/.ssh/authorized_keys
cat /tmp/id_rsa.jessica.pub >> ~/.ssh/authorized_keys

• 创建裸git 库

$ cd /opt/git
$ mkdir project.git
$ cd project.git
$ git init --bare

• 由一个主要负责人推送初始版本

mkdir myproject
cd myproject
git init
git add .
git commit -m 'initial commit'
git remote add origin git@121.40.220.127:/home/git/project.git
git push origin master

• 其他用户clone

git clone git@121.40.220.127:/home/git/project.git ./realsync.git 

1.3. 限制git 用户登陆操作系统

• 查看git-shell 是否安装

$ cat /etc/shells # see if `git-shell` is already in there. If not…

$ which git-shell # make sure git-shell is installed on your system.

[root@iZ231dv3iz1Z ~]# which git-shell
/usr/bin/git-shell

$ sudo vim /etc/shells # and add the path to git-shell from last command

1.4. 加入git-shell

更改git 登陆shell

root@iZ231dv3iz1Z ~]# chsh git
Changing shell for git.
New shell [/bin/bash]: /usr/bin/git-shell
Shell changed.

Note:现目前git 就无法登陆操作系统了