Search This Blog

Git over ssh: restrict user to git pull/push access only

git-shell is a restricted login shell for GIT-only SSH access

By changing the login shell to git-shell the ssh user can only access git push/pull:
sudo chsh -s /usr/bin/git-shell gituser
When the user login to server via ssh: 
ssh gituser@server

the follow error may occur:
fatal: Interactive git shell is not enabled.
hint: ~/git-shell-commands should exist and have read and execute access.ssh gituser@server
To fix it, run the following commands on the server(Ubuntu 11.10) as root: 
sudo mkdir /home/gituser/git-shell-commands
sudo cp /usr/share/doc/git/contrib/git-shell-commands/list /home/gituser/git-shell-commands/
sudo cp /usr/share/doc/git/contrib/git-shell-commands/help /home/gituser/git-shell-commands/
sudo chown -R gituser /home/gituser/git-shell-commands

See Also:





Labels:

1 comment:

  1. UnknownApril 4, 2013 at 7:42 PM

    Useful post, thanks.

    You might want to add that (Ubuntu 12.04.2 LTS at least) it is also necessary to:

    chmod -R u+x ./git-shell-commands

    The list and help files aren't executable in /usr/share/doc.... this will throw an error unless you set them so.

    ReplyDelete

Subscribe to: Post Comments (Atom)