本次环境搭建说明:
Server是在CentOS 6.7
Client是在Win7
利用SSH
安装Git
在连网的情况下安装非常容易,一句yum install git搞定。1
2
3
4
5
6
7
8
9
10
11
12
13[root@Automation file]# yum install git
已加载插件:fastestmirror, refresh-packagekit, security
设置安装进程
base | 3.7 kB 00:00
base/primary_db | 4.6 MB 00:08
extras | 3.4 kB 00:00
extras/primary_db | 33 kB 00:00
updates | 3.4 kB 00:00
updates/primary_db | 2.6 MB 00:02
包 git-1.7.1-3.el6_4.1.x86_64 已安装并且是最新版本
无须任何处理
[root@Automation file]# git version
git version 1.7.1
创建git用户
1 | [root@Automation /]# useradd git |
管理证书
使用 authorized_keys 方法来对用户进行认证。
Server端搭建
在git用户新建一个.ssh的目录。1
2
3
4
5[git@Automation /]$ cd
[git@Automation ~]$ mkdir git
[git@Automation ~]$ cd git
[git@Automation git]$ mkdir .ssh && chmod 700 .ssh
[git@Automation git]$ touch .ssh/authorized_keys && chmod 600 .ssh/authorized_keysClient端生成id_rsa.pub文件
详细请参考:Generating SSH keys
本地查看:1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23yongfeiuall@yongfeiuall-pc MINGW32 /c/hexoblog (master)
$ ls -al ~/.ssh
total 29
drwxr-xr-x 1 yongfeiuall 1049089 0 Oct 8 12:46 ./
drwxr-xr-x 1 yongfeiuall 1049089 0 Nov 17 11:22 ../
-rw-r--r-- 1 yongfeiuall 1049089 1766 Oct 8 12:41 id_rsa
-rw-r--r-- 1 yongfeiuall 1049089 401 Oct 8 12:41 id_rsa.pub
-rw-r--r-- 1 yongfeiuall 1049089 803 Oct 8 13:16 known_hosts
yongfeiuall@yongfeiuall-pc MINGW32 /c/hexoblog (master)
$ cd ~/.ssh
yongfeiuall@yongfeiuall-pc MINGW32 ~/.ssh
$ ls
id_rsa id_rsa.pub known_hosts
yongfeiuall@yongfeiuall-pc MINGW32 ~/.ssh
$ cat id-rsa.pub
cat: id-rsa.pub: No such file or directory
yongfeiuall@yongfeiuall-pc MINGW32 ~/.ssh
$ cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzJu1dMB88j4j7rUGBxpffrWr5wvsFL/Iau65GTLDq5zYjITUUsLw6s7jpoUCw5KhV8hWAlbZb8bdnMjHsxK1jg8GAh5tFQ1wx68CPHqmL7ZxTWfN1tzPYcDVmNi42BCDOUz8tUBa/mmPC/S4L3QQD6ec0nP/58Z0npHIrG30dr9qhuYLwQlOIGTcVPMJJwspa7b9YyroVp5btrxMjShfea7dwT1048pGnVnO0dq3O+GnlD2DOFv/PsdFKh1bYs/dJVlDMFR583R1C1Rwc9vxTkiTWNH5IapPQK34ECaeQ0mNVoJz8r8ZBR1hKOPPcuJ9eyUX1IJPPjNLSX/Tu5xhr yongfeiuall@163.com将开发者的SSH公钥添加到git用户的authorized_keys这个文件当中,一行一个。
从本地Copy到Server上
1
2
3$ scp id_rsa.pub git@10.22.1.13:~
git@10.22.1.13's password:
id_rsa.pub 100% 401 0.4KB/s 00:00Copy到文件中
1
2
3
4
5[git@Automation ~]$ ls
git id_rsa.pub
[git@Automation ~]$ cat id_rsa.pub >> git/.ssh/authorized_keys
[git@Automation ~]$ cat git/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzJu1dMB88j4j7rUGBxpffrWr5wvsFL/Iau65GTLDq5zYjITUUsLw6s7jpoUCw5KhV8hWAlbZb8bdnMjHsxK1jg8GAh5tFQ1wx68CPHqmL7ZxTWfN1tzPYcDVmNi42BCDOUz8tUBa/mmPC/S4L3QQD6ec0nP/58Z0npHIrG30dr9qhuYLwQlOIGTcVPMJJwspa7b9YyroVp5btrxMjShfea7dwT1048pGnVnO0dq3O+GnlD2DOFv/PsdFKh1bYs/dJVlDMFR583R1C1Rwc9vxTkiTWNH5IapPQK34ECaeQ0mNVoJz8r8ZBR1hKOPPcuJ9eyUX1IJPPjNLSX/Tu5xhr yongfeiuall@163.com
初始化仓库
服务器上的仓库在初始化仓库时不用创建工作目录,用–bare选项在git下建立一个空仓库:1
2
3
4
5
6
7[git@Automation /]$ cd/tmp
[git@Automation tmp]$ mkdir git
[git@Automation tmp]$ cd git
[git@Automation git]$ mkdir sample.git
[git@Automation git]$ cd sample.git/
[git@Automation sample.git]$ git init --bare
Initialized empty Git repository in /tmp/git/sample.git/
测试
在Client端克隆远程仓库1
2
3
4
5$ git clone git@10.22.1.13:/tmp/git/sample.git
Cloning into 'sample'...
git@10.22.1.13's password:
warning: You appear to have cloned an empty repository.
Checking connectivity... done.
后话
为了不用每次clone代码的时候都输入ip地址,可以采用DNS的方式。具体操作如下
1
[root@Automation git]$ vim /etc/hosts
在里面加入下面一行
10.22.1.13 gitserver,这样可以用以下命令git clone git@gitserver:/tmp/git/sample.git(git clone git@10.22.1.13:/tmp/git/sample.git)。为了保护git服务器,限制开发者登陆服务器,可以采用如下的措施。
1
[root@Automation /]# vi /etc/passwd
在文件结尾处,
git:x:500:500::/home/git:/bin/bash;把/bin/bash/改为/user/bin/git-shell。
再登录查看1
2
3
4
5$ ssh git@10.22.1.13
git@10.22.1.13's password:
Last login: Fri Nov 20 12:49:43 2015 from 10.8.21.197
fatal: What do you think I am? A shell?
Connection to 10.22.1.13 closed.
