From 6b752d3456e801a80f39226b0c386a66426e1fd4 Mon Sep 17 00:00:00 2001 From: VG Date: Thu, 24 Nov 2016 17:05:46 +0100 Subject: add mit license --- readme.rst | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) create mode 100644 readme.rst (limited to 'readme.rst') diff --git a/readme.rst b/readme.rst new file mode 100644 index 0000000..f0dd8b5 --- /dev/null +++ b/readme.rst @@ -0,0 +1,80 @@ +Description +=========== + +This repository is a quick setup to allow readonly and readwrite access for +git-only through ssh. It is simple but should be secure. You can review the +script for security as it is really short. + + +sudo adduser --home /home/git --no-create-home --shell /bin/sh --gecos 'git version control' --disabled-password git +sudo mkdir /home/git +sudo chown git:git /home/git +sudo chmod 2770 /home/git +sudo cp path/gitcmd /home/git/ +sudo gpasswd -a calendros git + +in /etc/ssh/sshd_config: + +Match User git + X11Forwarding no + AllowTcpForwarding no + AllowAgentForwarding no + PermitTunnel no + GatewayPorts no + PermitTTY no + Banner "Only git access allowed" + AuthorizedKeysFile /etc/ssh/git_keys + +in /etc/ssh/git_keys + +# usage: restrict,command="./gitcmd username" key +# then create a ~git/username.listro for authorized repositories + +username.listro with username replaced with the username given at the gitcmd +argument at the front of the ssh key contains a list of repositories +directory for read-only access. username.listrw contains a list of read-write +access. + +git directories are created with git init --bare + +Example of directory structure: + +in /home/git: + +$ tree --dirsfirst -L 2 +. +├── +│   ├── branches +│   ├── hooks +│   ├── info +│   ├── objects +│   ├── refs +│   ├── HEAD +│   ├── config +│   └── description +├── .listrw +├── .listro +├── create-repo +└── gitcmd + +6 directories, 8 files + +License +======= + +Unless specified otherwise, this project is licensed under the terms of the +MIT license. You should have received a copy of the MIT License along with +this program. If not, see . + +SPDX-License-Identifier: MIT + +Copyright © 2016 vg + +Contact +======= + +developer + vg + +mail + vg@devys.org -- cgit v1.2.3