CentOS环境Git服务器搭建并配置公钥访问简单测试

CentOS环境Git服务器搭建并配置公钥访问简单测试


DATE: 2017-09-04 17:03:23

2017-10-26 更新使用私钥时不输入密码

IP地址 用 xxx.xxx.xxx.xx 代替

1. Git服务器环境搭建(Server端)

| SSH方式登录服务器

xiaoqw@ubuntu:~$ ssh root@xxx.xxx.xxx.xx

l 安装开发套装

[root@GitServer ~]# yum groupinstall "Development Tools"
[root@GitServer ~]# yum install gettext-devel openssl-devel perl-CPAN perl-devel zlib-devel

l 创建Git用户组

[root@GitServer ~]# groupadd gituser
[root@GitServer ~]# useradd -g gituser  -d /home/gituser -m -s /bin/bash gituser
[root@GitServer ~]# passwd gituser

l Git初始化配置

[root@GitServer ~]$ cd /home/gituser/
[root@GitServer gituser]$ mkdir project.git
[root@GitServer gituser]$ cd project.git/
[root@GitServer project.git]$ ls
[root@GitServer project.git]$ git --bare init
Initialized empty Git repository in /home/gituser/project.git/

2. 新用户公钥访问管理(Server端)

密钥生成过程

[xiaoqw @GitServer ~]$ ssh-keygen

默认一路回车即可。

Generating public/private rsa key pair.
Enter file in which to save the key (/home/gituser/.ssh/id_rsa):
Created directory '/home/gituser/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/gituser/.ssh/id_rsa.
Your public key has been saved in /home/gituser/.ssh/id_rsa.pub.
The key fingerprint is:
0a:72:ee:86:4e:d9:b1:df:e7:8f:ad:1d:e9:56:86:60 gituser@GitMISAS
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|          E      |
|  . +   S. . .   |
|   * + .    ..o  |
|  o.+ .     oo   |
| ..... .  .=..   |
| .... . .o++=    |
+-----------------+ 

生成的内容

[gituser@GitServer ~]$ ls .ssh/
id_rsa  id_rsa.pub
[gituser@GitServer ~]$ touch ~/.ssh/authorized_keys
[gituser@GitServer ~]$ ls .ssh/
id_rsa  id_rsa.pub authorized_keys

其中,id_rsa.pub是公钥,id_rsa是私钥。
authorized_keys是存储可访问用户公钥的文件。

配置RSA认证(用于后续不使用密码登录)

Host *
    RSAAuthentication yes
    PubkeyAuthentication yes

客户端用户向管理员提交公钥(Client端)

生成密钥

相同的操作,在Client端生成密钥。方法同Server,一路回车。

Administrator@xiaoqw-nb MINGW6$ ssh-keygen -t rsa -C "name@163.com"

提交公钥

如果是平常申请使用的用户:

将Client端的rd_rsa.pub文件邮件发送给管理员,由管理员开通。

如果是搭建Git服务器的管理员新建的测试用户:

那么将这个文件Copy到服务器上即可。
Copy 方式:

Administrator@xiaoqw-nb MINGW64 ~/.ssh
$ scp ~/.ssh/id_rsa.pub root@xxx.xxx.xxx.xx:/tmp/
The authenticity of host 'xxx.xxx.xxx.xx (xxx.xxx.xxx.xx)' can't be established.
ECDSA key fingerprint is SHA256:/ELvbKWFBtogUFil88zA0YMNljckDTyIUjxkiTRNlhc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'xxx.xxx.xxx.xx' (ECDSA) to the list of known hosts.
root@xxx.xxx.xxx.xx's password:
id_rsa.pub                                    100%  405    84.7KB/s   00:00

服务端为Git用户分配权限(Server端)

将客户端的密钥写入密钥存储文件:

[gituser@GitServer ~/.ssh]$ cat /tmp/id_rsa.pub >> authorized_keys

客户端使用测试(Client端)

配置客户端免密登录

$ ssh-add ~/.ssh/id_rsa

Clone仓库

$ git clone gituser@xxx.xxx.xxx.xx:project.git
Cloning into 'project'...
gituser@172.31.102.72's password: 【注:配置免密后不用输入密码】
warning: You appear to have cloned an empty repository.

此时,代码库是空的。配置用户信息并创建工程。

Administrator@xiaoqw-nb MINGW64 ~/.ssh
$ git config --global user.name "xiaoqw"
$ git config --global user.email "dreamstone_xiaoqw@163.com"

创建文件

$ cd project/
$ ps > firstfile

提交文件

$ ls
firstfile
$ git add firstfile
warning: LF will be replaced by CRLF in firstfile.
The file will have its original line endings in your working directory.
$ git commit
Aborting commit due to empty commit message.

Administrator@xiaoqw-nb MINGW64 ~/.ssh/project (master)
$ git add firstfile
$ git commit -m "test file" #代码提交信息
[master (root-commit) 07c57c1] test file
 1 file changed, 4 insertions(+)
 create mode 100644 firstfile
$ git push
gituser@xxx.xxx.xxx.xx's password:
Counting objects: 3, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 356 bytes | 178.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To xxx.xxx.xxx.xx:project.git
 * [new branch]      master -> master

至此,Git公钥登录方式配置使用完成。

关于使用

Linux操作系统:

安装Git后直接在Terminal命令行操作即可,
git clone gituser@xxx.xxx.xxx.xx:project.git

Windows操作系统:

需要安装 Git for Windows 工具,打开Git Bash操作。
project目录下,需要配置邮箱和姓名,然后执行操作如gitlog等。否则会有错误:
fatal: bad default revision 'HEAD'

需要执行 git commit 解决问题。
常用功能命令示例
获取代码git clonegit clone gituser@xxx.xxx.xxx.xx:project.git
查看状态git status -s
新增文件git add
显示日志git log
提交更新git commit -m "msg"git commit -m "add log logic"
配置用户名git config --global user.name "xiaoqw"
配置邮箱git config --global user.email "xiaoqw@mail.com.cn"
提交至远端git remote add origin gituser@xxx.xxx.xxx.xx:project.git git push origin master

更多操作,请参考:

Git官网手册https://git-scm.com/docs
网络教程 http://www.runoob.com/git/git-tutorial.html

版权声明

弈心博客


本文首发site_name,转载请附上博文链接!