Build your own git server under CentOS

You need to install the CentOS system first, as a test, you can choose to install on the virtual machine, so it is more convenient. This step by default you will, will not speak.

With CentOS, how do you build a git server?

1, first need to install GIT, you can use the Yum source online installation:

[[email protected] desktop]# yum install-y git

2. Create a git user to run the GIT service

[[email protected] desktop]# adduser git

3. Initialize the GIT repository: Here we choose/data/git/learngit.git as our git repository

[[email protected] git]# git init--bare learngit.gitinitialized empty git repository in/data/git/learngit.git/

Executing the above command creates a bare repository with no workspaces, because the GIT repository on the server is purely for sharing, so the user is not allowed to log on directly to the server to change the workspace, and the Git repositories on the server usually end in. git. Then, change owner to git:

[Email protected] git]# chown git:git learngit.git

4, here, the GIT server has been set up almost. Below we clone the remote repository on the client

[email protected]/e/testgit/8.34$ git clone [email protected]:/data/git/learngit.gitcloning into ' learngit ' ... The authenticity of host ' 192.168.8.34 (192.168.8.34) ' can ' t be established. RSA key fingerprint is 2b:55:45:e7:4c:29:cc:05:33:78:03:bd:a8:cd:08:9d. Is you sure want to continue connecting (yes/no)? yeswarning:permanently added ' 192.168.8.34 ' (RSA) to the list of known hosts. [email protected] ' s password:

Here are two points to note: First, when you first use Git's clone or push command to connect to GitHub, you get a warning:

The authenticity of host ' github.com (xx.xx.xx.xx) ' can ' t be established. RSA key fingerprint is xx.xx.xx.xx.xx.Are do sure you want to continue connecting (yes/no)?

This is because Git uses SSH connection, and SSH connection is the first time to verify the GitHub server key, you need to confirm that GitHub key fingerprint information is really from the GitHub server, enter Yes .

Git will output a warning telling you that you have added GitHub key to a trust list on this machine:

warning:permanently added ' github.com ' (RSA) to the list of known hosts.

This warning will only appear once, and there will be no warning after the operation.

If you are really worried about someone impersonating a github server, enter Yes before you can control whether the fingerprint information of GitHub's RSA key is consistent with the SSH connection.

Second, you are prompted to enter a password to clone, of course, if you know the password, you can type a password to clone, but the more common way is to use the SSH public key to complete the verification.

5. Create SSH Key

First in the user home directory, see if there is no. ssh directory, if there is, then look at this directory there are no id_rsa and id_rsa.pub These two files, if already have, you can skip to the next step. If not, open the shell (open git Bash under Windows) and create SSH Key:

$ ssh-keygen-t rsa-c "[Email protected]"

You need to change the email address to your own email address, and then return to the default value, as this key is not used for military purposes, so there is no need to set a password.

If all goes well, you can find it in the user's home directory.. SSHdirectory, Inside thereId_rsaAndid_rsa.pubTwo files, these two are key pairs of SSH key,Id_rsaIt's a private key, you can't leak it.id_rsa.pubis a public key that can be safely told to anyone.

6. Git server opens RSA authentication

You can then add your public key to the GIT server to verify your information. On a git server, you first need to turn on RSA authentication in/etc/ssh/sshd_config, which is:

1.RSAAuthentication Yes     2.PubkeyAuthentication Yes     3.AuthorizedKeysFile  . Ssh/authorized_keys

Here we can see that the public key is stored in the. ssh/authorized_keys file. So we create the. SSH directory under/home/git, then create the Authorized_keys file and import the public key that you just generated.

Then when cloning again, or after the push, there is no need to enter the password:

[Email protected]/e/testgit/8.34$ git clone [email protected]:/data/git/learngit.gitcloning into ' learngit ' ... warning : You appear to has cloned an empty repository. Checking connectivity ... done.

7. Disable the git user's shell login

For security reasons, the GIT user created in the second step is not allowed to log in to the shell, which can be done by editing the/etc/passwd file. Find a line similar to the following:

git:x:1001:1001:,,,:/home/git:/bin/bash

After the last colon, change to:

git:x:1001:1001:,,,:/home/git:/usr/bin/git-shell

In this way, git users can use git normally via SSH, but cannot log in to the shell because the Git-shell we specify for git users automatically exits every time a login is logged in.

Build your own git server under CentOS