#服务器端
#安装 git
参考链接:http://tzhennan.iteye.com/admin/blogs/2410564
#查看版本
$ git --version
git version 1.8.3.1
#创建git 用户,用来管理 git 服务,并为 git 用户设置密码
$ id git
id: git:无此用户
$ useradd git
$ passwd git
#创建 git 仓库
$ mkdir -p /data/git/test.git
$ git init --bare /data/git/test.git
Initialized empty Git repository in /data/git/test.git/
$ chown -R git:git test.git/
#客户端
#安装 git
参考链接:http://tzhennan.iteye.com/admin/blogs/2410564
#客户端 clone 远程仓库
$ git clone [email protected]:/data/git/test.git
Cloning into 'test'...
[email protected]'s password:
warning: You appear to have cloned an empty repository.
#如果SSH用的不是默认的22端口,则需要使用以下的命令(假设SSH端口号是7700)
$ git clone ssh://[email protected]:7700/data/git/test.git
$ git pull
[email protected]'s password:
Your configuration specifies to merge with the ref 'master'
from the remote, but no such ref was fetched.
#解决步骤:
$ touch README
$ git add -A
$ git commit -m "add README"
$ git push -u origin master
[email protected]'s password:
Counting objects: 3, done.
Writing objects: 100% (3/3), 206 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote: error: insufficient permission for adding an object to repository database ./objects
remote: fatal: failed to write object
error: unpack failed: unpack-objects abnormal exit
To [email protected]:/data/git/share.git
! [remote rejected] master -> master (unpacker error)
error: failed to push some refs to '[email protected]:/data/git/share.git'
#服务器端设置仓库权限
$ chown -R git:git share.git/
#每次git pull都提示输入git密码
客户端创建 ssh 公钥和私钥
$ ssh-keygen -t rsa -C "[email protected]"
此时 ~/.ssh 下会多出两个文件 id_rsa 和 id_rsa.pub
id_rsa 是私钥
id_rsa.pub 是公钥
服务器端 git 打开 RSA 认证
进入 /etc/ssh 目录,编辑 sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
保存并重启 sshd 服务
$ systemctl restart sshd.service
由 AuthorizedKeysFile 得知公钥的存放路径是 .ssh/authorized_keys,实际上是 $Home/.ssh/authorized_keys,由于管理 git 服务的用户是 git,所以实际存放公钥的路径是 /home/git/.ssh/authorized_keys
$ cd /home/git
$ mkdir .ssh
把 .ssh 文件夹的 owner 修改为 git
$ chown -R git:git .ssh
将客户端公钥导入服务器端 /home/git/.ssh/authorized_keys 文件
$ ssh [email protected] 'cat >> .ssh/authorized_keys' < ~/.ssh/id_rsa.pub
服务端修改 .ssh 目录的权限为 700
$ chmod 700 .ssh
服务端修改 .ssh/authorized_keys 文件的权限为 600
$ chmod 600 authorized_keys
问题1
$ ssh [email protected] 'cat >> .ssh/authorized_keys' < ~/.ssh/id_rsa.pub
bash: .ssh/authorized_keys: Permission denied
解决办法:
把 .ssh 文件夹的 owner 修改为 git
$ chown -R git:git .ssh
问题2
$ git pull
ssh: connect to host 172.17.0.2 port 22: Connection refused
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
解决办法:
服务端启动sshd服务
$ systemctl start sshd.service