Step one, get the SSH public key from the client
In order for the client to provide the SSH public key to the Git server, first verify that the client owns the public key. The SSH key is stored in the ~/.ssh/directory, so let's look at some of the files in this area:
[email protected] ~]$ ls. Ssh/id_rsa id_rsa_osc id_rsa_osc.pub id_rsa.pub
The above xxx and xxx.pub are an SSH private key and a public key respectively.
Here Id_rsa (private key) and id_rsa.pub (public key) are a pair, while Id_rsa_osc and Id_rsa_osc.pub are a pair of private keys and public keys. This shows that a user can have more than one key, but this does not affect our configuration after the face of the Git server, using any public key can be.
If the user does not have a key file or even a. SSH directory, then the user has not created an SSH key, and we use the Ssh-keygen command to generate the key for it.
[Email protected] ~]$ ssh-keygen-t rsa-c "[email protected]" generating public/private RSA key pair. Enter file in which to save the key (/HOME/USER/.SSH/ID_RSA): Enter passphrase (empty for no passphrase): Enter same PASSP Hrase again:your identification has been saved In/home/user/.ssh/id_rsa. Your public key have been saved in/home/user/.ssh/id_rsa.pub.the key fingerprint is:e1:ec:5c:cd:89:8f:83:a2:aa:5d:8a:7f : 93:12:90:f4 [email protected]the key ' s randomart image is:+--[RSA 2048]----+| | | . || ... . || o E o. +. | | S o + | | . o o o | | ..... + O. | | o.o+. . . || oo=+. | +-----------------+[[email protected] ~]$
The-t RSA parameter indicates the use of the RSA algorithm.
The-c parameter specifies the user's e-mail address.
Next, the Ssh-keygen command asks the user where the key file is stored, the password, and so on, if you do not set the password, type enter directly.
Key files are saved by default in ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub, and the public key file contents are similar to the following:
[email protected] ~]$ cat. Ssh/id_rsa.pub Ssh-rsa aaaab3nzac1yc2eaaaadaqabaaabaqdvzagljr5ojga3vupo/c/ 0eibbhcuq9v2gltmim1ij2nomqtg1lbulgqcwaiw6f9qjk6j+ibypzjifnic90dfsitlplbaimd+/kqzmjymsposb2+ aqhgxwbj3sttka1s3kcbufsryj3m1cwcgblxlsyg/wks/ Wuevxtkwahfsfr7jzkcb5zyzy6ioxhsmvkca7orpaw5ze4mjnw0k9o25scrgc5rypuicevet4lo7weaifhnwp5ql21lvhkknytalxqeteahkyrsgueh54srsz YJ3A4L+JVPFHHWC/0LF+LZAWTD/VKZS9HSVYYKAS+OVGZAFZY+AC7ET+MWLTLSMF [email protected][[email protected] ~]$
At this point, the steps to get the key from the client are complete, and the next step is to send the public key to a Git server repository administrator.
Step two, build a git server (you can skip this step if you already have a GIT server management user)
For ease of management, you need to create a separate user in your system to manage all of your Git repositories.
[[email protected] ~]$ sudo adduser gitadding user ' git ' ... Adding new group ' git ' (1001) ... Adding new user ' Git ' (1001) with group ' git ' ... Creating home directory '/home/git ' ... Copying files from '/etc/skel ' ... Enter new Unix Password:retype new Unix Password:passwd:password updated successfullychanging the user information for Gitenter the new value, or press ENTER for the default full Name []: git. Number []: Work Phone []: Ho Me Phone []: Other []: Is the information correct? [y/n] Y[[email protected] ~]$
We named the user git.
All remote Git repositories can be created under this user name, so you can use this user action when you create a new library or add a new user's SSH public key to the server.
Step three, set up a remote repository (you can skip this step if you have a remote repository)
Switch to the new Git account and create an empty remote repository.
You can also increase the--bare parameter by setting up a remote repository using the GIT init command.
What is the difference between writing--bare parameters?
We know that the general repository from the remote clone will generate a separate directory, in which the current branch of the latest version of the file, while there is a. git folder, and the. Git sibling folder is called our "working directory", our changes are in this directory. and. Git is the working directory of our Git local repository, and everything we add and commit will be submitted to this directory.
Adding the--bare parameter to the GIT init command means that you do not create a local working directory when initializing the Git repository, so all content under the. Git folder is created directly into the current directory instead of being placed under the. git directory.
Once the repository is set up on a Git server, the user can clone the repository. Wait a minute.. has not configured the user SSH public key, so let the user to download, certainly still must enter the password to be OK.
Step four, configure the SSH public key for the user on the Git server
Use the Authorized_keys file on the Git server first to manage the SSH public key for all users.
[Email protected]:~$ mkdir ssh[email protected]:~$ touch. Ssh/authorized_keys[email protected]:~$ chmod Authorized_keys [Email protected]:~$
Ssh/authorized_keys [email protected]:~$ cat/tmp/id_rsa_user2.pub >> ~/.ssh/authorized_keys [email protected]:~ $ cat/tmp/id_rsa_user3.pub >> ~/.ssh/authorized_keys [email protected]:~$
Now User1, User2 and User3 can use the SSH public key to operate the remote Git repository, go ahead and try it.
Reference:
Git on the server-generate SSH public key
Git on the server-Configure the server
Add a SHH public key to a git server