current community

your communities

more stack exchange communities

Stack Exchange
tour help
Take the 2-minute tour ×
Unix & Linux Stack Exchange is a question and answer site for users of Linux, FreeBSD and other Un*x-like operating systems. It's 100% free, no registration required.
up vote 1 down vote favorite

Using:

one can force a key-based SSH connection to execute the given command and no other.

Is it possible through this mechanism (or another) to give someone a limited SSH access to a given git repository, allowing that person to git clone user@server:myrepo.git, push or pull, but nothing else?

Security note: when restricting access with authorized_keys, you should also use the options: no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-user-rc

share|improve this question
2  
Look at gitolite which manages these details for you. –  wurtel Feb 19 at 15:24
    
Perhaps you want to use chroot for this ssh user. –  webKnjaZ Feb 19 at 16:17
    
install git-shell (git-sh on Debian) and change the shell for the user to git-shell. –  Dārayavahuš tdi Feb 19 at 16:56
    
@Dārayavahuštdi is this a guaranteed secure shell? Meaning that this user cannot escape from it or do anything else on the system? –  Totor Feb 19 at 18:11

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Browse other questions tagged or ask your own question.