如今通常安装的linux系统都会自带git代码仓库服务器,若是使用git原生的权限管理则须要修改每一个repo的配置文件。同时若是使用到了ssh还得把每一个都放到authorized_keys文件中,这还会会带来必定的安全隐患。这样咱们可使用一个git的权限管理小插件gitolite。html
[git@localhost ~]$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/git/.ssh/id_rsa): Created directory '/home/git/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/git/.ssh/id_rsa. Your public key has been saved in /home/git/.ssh/id_rsa.pub. The key fingerprint is: 44:92:09:a1:fe:99:54:66:c6:6b:b8:51:2c:62:c2:14 git@localhost.localdomain The key's randomart image is: +--[ RSA 2048]----+ | E. oo.o. | |o . ooo | |..+ . O . | | + . O o | | . + o S | | o * | | = | | | | | +-----------------+ [git@localhost ~]$ cd .ssh/ [git@localhost .ssh]$ cat id_rsa.pub >> authorized_keys [git@localhost .ssh]$ ssh 192.168.137.2 The authenticity of host '192.168.137.2 (192.168.137.2)' can't be established. ECDSA key fingerprint is 95:85:14:9c:c4:9e:0f:e1:a6:e6:94:3e:9f:d8:50:a1. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.137.2' (ECDSA) to the list of known hosts. git@192.168.137.2's password: [1]+ 已中止 ssh 192.168.137.2 [git@localhost .ssh]$ su 密码: [root@localhost .ssh]# cd .. [root@localhost git]# chmod 755 .ssh/ [root@localhost git]# chmod 600 .ssh/authorized_keys [root@localhost git]# exit exit [git@localhost .ssh]$ ssh 192.168.137.2 Agent admitted failure to sign using the key. git@192.168.137.2's password: [2]+ 已中止 ssh 192.168.137.2 [git@localhost .ssh]$ ssh-add Identity added: /home/git/.ssh/id_rsa (/home/git/.ssh/id_rsa) [git@localhost .ssh]$ ssh 192.168.137.2 Last login: Wed Feb 4 15:37:10 2015 from panda-windows8.mshome.net [git@localhost ~]$ exit 登出 Connection to 192.168.137.2 closed. [git@localhost .ssh]$
[git@localhost ~]$ cd .ssh/ [git@localhost .ssh]$ ls authorized_keys gitolite-admin.pub id_rsa id_rsa.pub known_hosts [git@localhost .ssh]$ cat gitolite-admin.pub >> authorized_keys [git@localhost .ssh]$四、权限管理员经过xshell链接到服务器
[git@localhost ~]$ git clone git://github.com/sitaramc/gitolite 正克隆到 'gitolite'... remote: Counting objects: 8802, done. remote: Total 8802 (delta 0), reused 0 (delta 0) 接收对象中: 100% (8802/8802), 3.64 MiB | 19.00 KiB/s, done. 处理 delta 中: 100% (4996/4996), done. [git@localhost ~]$ cd gitolite/ [git@localhost gitolite]$ mkdir ~/bin [git@localhost gitolite]$ ./install -to ~/bin [git@localhost gitolite]$ gitolite setup -pk ~/.ssh/gitolite-admin.pub 初始化空的 Git 版本库于 /home/git/repositories/gitolite-admin.git/ 初始化空的 Git 版本库于 /home/git/repositories/testing.git/ [git@localhost gitolite]$