Mr. Editor-in-chief
Git Server on Cloud
What you should do on your Git server machine
$ sudo adduser git
$ su git
$ cd
$ mkdir .ssh && chmod 700 .ssh
$ touch .ssh/authorized_keys && chmod 600 .ssh/authorized_keys
# Append some developer SSH public keys to the git user’s authorized_keys file
$ cd /srv
$ mkdir project.git
$ cd project.git
$ git init --bare
Initialized empty Git repository in /srv/project.git/
# Additional steps needed if error occurs when git pushing or git cloning
# [remote rejected] main -> main (unpacker error)
$ sudo adduser git sudo
$ cd /srv
$ sudo chown git:git project.git
$ sudo chmod -R 777 project.git
# warning: remote HEAD refers to nonexistent ref, unable to checkout.
$ cd project.git
$ git symbolic-ref HEAD refs/heads/main
What you should do on your developers' machine
# On Devoleper A's computer
$ cd myproject
$ git init
$ git add .
$ git commit -m 'Initial commit'
$ git remote add origin git@azure_vm_ip_address:/srv/project.git
$ git branch -m main
$ git push origin main
$ git push --set-upstream origin main
# Your can repalce git push origin main & git push --set-upstream origin main with
$ git push -u origin main
# On Developer B's computer
git clone git@azure_vm_ip_address:/srv/project.git
Restrict the git user account to only Git-related activities
$ cat /etc/shells # see if git-shell is already in there. If not...
$ which git-shell # make sure git-shell is installed on your system.
$ sudo -e /etc/shells # and add the path to git-shell from last command
$ sudo chsh git -s $(which git-shell)
$ ssh git@gitserver
fatal: Interactive git shell is not enabled.
hint: ~/git-shell-commands should exist and have read and execute access.
Connection to gitserver closed.
# Add no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty prefix to each public keys on authorized_keys
$ cat .ssh/authorized_keys
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3MD2lzBblZDS1BFIQb/JASNN+D8R8cDKALpk7yzVoTY/ixS7Pe7gj4Sn0cx1dlIY4qaFdPLjl/SZ05cgGrBzz/o9dHZk82uz8Uy9RMEDFu7iGzmsLir5CKdqLFaTZiY3MZ4ddFg7UG655dVcUvyVqztUI6WMWgumy8L9EGbR+ghzz+rc5Yp9QQ6t4VPHjblisZvGIH56qSMFpjwbX0TdTEk+OrOncYRtNJWreKoJB3AcIuc16lHT6tzJRaWTzN4smrFT3iK+gRo1jkeP44qIsJsfmS3SwOKtxniJ+dMr5zMAOrAiEIZAo1SBQxvVBTfMMsertuyQjK7QPxVtisrkV19TyYwshLIkpDLUgyklfnanhXanxcIN/oQQSdSjFUgzn32MhoivpWsmrrzCOXRZQ238ITT5Nfi1O66f0VS6kMDYgU6S7Apvq//QufwW9J/2IEepw4Ab3qTDWwiuaEisNBCjFVpLnxWpmZVCcDDv4IC3f9LKricxWqanlrgcdB1k= josie@qq.com
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmqLpiCJdsN9h6hXxYnAJ9+Goi8GNcl6qjzdDkc4pzylFF877O+VpUO48CVDZRiRFis9rvdTELwSXdgpDz0EAwEx5JzdiCzb5lxbKpb2wzUJm9UDgtMbQRqAxCOoeAWOJvoSRSmXe8Yo7F6+iAk/H6po3ymICT+dm4Ldrou0wEjGF7WReUXkk98tik449Ci1Rd7yIiUNDPeEEKWL71pz+2E1UdIQThogBQZB/+ELmWt8oAy/m5z3gyPsHm0UbE5liUDgfhBQMO+ydsswPGqCVk6FZoWjwL/2ot58jkiwe4D8WtV1M38NHqfy5bqaoXhMQ/4y/Eo9C3dAWOtz2w+D7H john@hackerheaven