git在用戶管理及管理上，下面上三種解決辦法：

?如果需要團隊里的每個人都對倉庫有寫權限，又不能給每個人在服務器上建立賬戶，那么提供 SSH 連接就是唯一的選擇了。我們假設用來共享倉庫的服務器已經安裝了 SSH 服務，而且你通過它訪問服務器。 ?
??
有好幾個辦法可以讓團隊的每個人都有訪問權。

第一個辦法是給每個人建立一個賬戶，直截了當但過于繁瑣。反復的運行 adduser 并且給所有人設定臨時密碼可不是好玩的。 ?
???
第二個辦法是在主機上建立一個 git 賬戶，讓每個需要寫權限的人發送一個 SSH 公鑰，然后將其加入 git 賬戶的 ~/.ssh /authorized_keys 文件。這樣一來，所有人都將通過 git 賬戶訪問主機。這絲毫不會影響提交的數據——訪問主機用的身份不會影響 commit的記錄。 ?
???
另一個辦法是讓 SSH 服務器通過某個 LDAP 服務，或者其他已經設定好的集中授權機制，來進行授權。只要每個人都能獲得主機的 shell 訪問權，任何可用的 SSH 授權機制都能達到相同效? # 如果需要團隊里的每個人都對倉庫有寫權限，又不能給每個人在服務器上建立賬戶，那么提供 SSH 連接就是唯一的選擇了。我們假設用來共享倉庫的服務器已經安裝了 SSH 服務，而且你通過它訪問服務器。 ?
???

git?共享倉庫服務器：?Aries.lansgg.com 192.168.100.128

git?客戶測試機：????node1.lansgg.com????192.168.100.129

方法一 示例、

git?倉庫服務器，新建倉庫，測試機獲取git倉庫，修改，遠程上傳。ssh?方式

1 2 3 4 5 6 7 8 9 10 11 12 13

[root@Aries?~] #?useradd?-d?/opt/gitServer?gitServer [root@Aries?~] #?echo?"git"|passwd?--stdin?gitServer 更改用戶?gitServer?的密碼?。 passwd ：?所有的身份驗證令牌已經成功更新。 [root@Aries?~] #?yum?install?git?-y [root@Aries?~] #?su?-?gitServer [gitServer@Aries?~]$? ls [gitServer@Aries?~]$? mkdir? TestProject.git [gitServer@Aries?~]$? cd? TestProject.git/ [gitServer@Aries?TestProject.git]$?git?--bare?init Initialized?empty?Git?repository? in? /opt/gitServer/TestProject .git/ [gitServer@Aries?TestProject.git]$? ls branches??config??description??HEAD??hooks??info??objects??refs

客戶測試機

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

[root@node1?~] #?useradd?-d?/opt/gitServer?gitServer [root@node1?~] #?echo?"gitServer"?|passwd?--stdin?gitServer 更改用戶?gitServer?的密碼?。 passwd ：?所有的身份驗證令牌已經成功更新。 [root@node1?~] #?su?-?gitServer [root@node1?~] #?git?clone?gitServer@192.168.100.128:/opt/gitServer/TestProject.git Initialized?empty?Git?repository? in? /root/TestProject/ .git/ The?authenticity?of?host? '192.168.100.128?(192.168.100.128)'? can't?be?established. RSA?key?fingerprint?is?9f:32:3a:b0:db:03:b6:c8:fc:a0:47:6c:e5:d1:b0:6a. Are?you?sure?you?want?to? continue? connecting?( yes /no )?? yes Warning:?Permanently?added? '192.168.100.128'? (RSA)?to?the?list?of?known?hosts. gitServer@192.168.100.128's?password:? warning:?You?appear?to?have?cloned?an?empty?repository. [root@node1?~] #?ls anaconda-ks.cfg?? install .log?? install .log.syslog??TestProject [root@node1?~] #?cd?TestProject/ [root@node1?TestProject] #?echo?"test?file"?>?test.file [root@node1?TestProject] #?git?add?test.file? [root@node1?TestProject] #?git?config?--global?user.name?"gitServer" [root@node1?TestProject] #?git?config?--global?user.email?git@lansgg.com [root@node1?TestProject] #?git?commit?-m?"test?commit"?test.file [master?96bf273]? test? commit ? 1?files?changed,?1?insertions(+),?1?deletions(-) [gitServer@node1?TestProject]$?git?remote?add?test_remote_origin? ssh : //192 .168.100.128 /opt/gitServer/TestProject .git [gitServer@node1?TestProject]$?git?push?test_remote_origin?master gitServer@192.168.100.128's?password:? Counting?objects:?5,? done . Writing?objects:?100%?(3 /3 ),?252?bytes,? done . Total?3?(delta?0),?reused?0?(delta?0) To? ssh : //192 .168.100.128 /opt/gitServer/TestProject .git ??? 7e2e4a4..96bf273??master?->?master

git?倉庫服務端

1 2 3 4 5 6

[gitServer@Aries?TestProject.git]$?git?log commit?96bf2738c6602283ea91778b999f7adf66c0082c Author:?gitServer?<gitServer@lansgg.com> Date:???Tue?Sep?22?17:05:12?2015?+0800 ???? test? commit

我們可以隨便找個目錄clone下，看看是否存在?剛剛提交的 test.file

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

[root@Aries?~] #?mkdir?/opt/tt [root@Aries?~] #?cd?/opt/tt [root@Aries?tt] #?git?clone?gitServer@192.168.100.128:/opt/gitServer/TestProject.git Initialized?empty?Git?repository? in? /opt/tt/TestProject/ .git/ The?authenticity?of?host? '192.168.100.128?(192.168.100.128)'? can't?be?established. RSA?key?fingerprint?is?9f:32:3a:b0:db:03:b6:c8:fc:a0:47:6c:e5:d1:b0:6a. Are?you?sure?you?want?to? continue? connecting?( yes /no )?? yes Warning:?Permanently?added? '192.168.100.128'? (RSA)?to?the?list?of?known?hosts. gitServer@192.168.100.128's?password:? remote:?Counting?objects:?6,? done . remote:?Compressing?objects:?100%?(2 /2 ),? done . Receiving?objects:?100%?(6 /6 ),?435?bytes,? done . remote:?Total?6?(delta?0),?reused?0?(delta?0) [root@Aries?tt] #?ls TestProject [root@Aries?tt] #?cd?TestProject/ [root@Aries?TestProject] #?ls test . file [root@Aries?TestProject] #?cat?test.file? test? file? abc [root@Aries?TestProject] #

方法二? 示例、

在測試機創建兩個賬戶 user1 user2，分別將秘鑰上傳至git?倉庫側，

1 2 3 4 5 6 7 8 9

[root@node1?~] #?useradd?-d?/opt/user1?user1 [root@node1?~] #?echo?"user1"?|passwd?--stdin?user1 更改用戶?user1?的密碼?。 passwd ：?所有的身份驗證令牌已經成功更新。 [root@node1?~] #?useradd?-d?/opt/user2?user2 [root@node1?~] #?echo?"user2"?|passwd?--stdin?user2 更改用戶?user2?的密碼?。 passwd ：?所有的身份驗證令牌已經成功更新。 [root@node1?~] #

1 2 3 4

[root@node1?~] #?su?-?user1 [user1@node1?~]$? ssh -keygen?-t?rsa [root@node1?~] #?su?-?user2 [user1@node1?~]$? ssh -keygen?-t?rsa

分別將user1、user2?用戶的公鑰新增git倉庫服務器側的

1 2 3 4 5 6 7 8 9

[user2@node1?. ssh ]$? pwd /opt/user2/ . ssh [user2@node1?. ssh ]$?ll 總用量?8 -rw-------.?1?user2?user2?1671?9月??22?17:18?id_rsa -rw-r--r--.?1?user2?user2??404?9月??22?17:18?id_rsa.pub [user2@node1?. ssh ]$? cat? id_rsa.pub? ssh -rsa?AAAAB3NzaC1yc2EAAAABIwAAAQEAp0Im8iL7UR2b0PWrJ98YY /nqvjnuYWNc2F52SYn1/WA8rwGBWW0WBmKMoyW8YfSpCVk7QbyhX48Y3KF/Gf16CWRMm8xuyA +S5Seq3ZGnLbbVhb0OMO8VDAldovnIuPdI6005+ux /WbG1FKr3WxGs5k92ZO9hbXxpcVAwpvHY47t1v2LH5fW2jThypWMolUdp9TaNy7FkD2zaUNhbdqM1w67OSydiHAMfj183sEso9TykiXJvwlJeLdUMFywPTwfVqu2rxV0lY68B2mwr1pl5mcGPA4/0ruX8vSFsFLev8 +yi7LjccChAu /suPIFGLqRXrkW8ymsN/l3CkldnS9Y0BQ ==?user2@node1.lansgg.com [user2@node1?. ssh ]$

git?倉庫服務側

1 2	[gitServer@Aries?~]$? mkdir? . ssh? &&? chmod? 700?. ssh [gitServer@Aries?~]$? touch? . ssh /authorized_keys? &&? chmod? 600?. ssh /authorized_keys

1 2 3 4

[gitServer@Aries?~]$? cat? . ssh /authorized_keys? ssh -rsa?AAAAB3NzaC1yc2EAAAABIwAAAQEA1pII1U64N /wl1OXotWdcU8d8 +ad0q6tkqdBgXLcR5zqXIq9PPe1NeLJ5HS9UIvZeN /LEyXGYh +fyg8tFQ+2PN3CmxnVwwcciyl1AKAgTeKUdleh8qcXPZkI0YZBpgTbuYWYHNjA6Qd9cvJSdKe9cVvwsv7N1z17Mx1uIfNSuSZ9e4XqUsJksBAzAYEGar4S13+Y /il7lquwkrdVBiWfWHmf/WoeY2RnzNBe9YtPVFUPL8HEoYyYaU +YXXMZKOZ8JwuLu1CPDJHTquSTyqdEwmgJWDdoiipgtyVOEVGZC0CqV16M2YpVqw26rrZ+nXUQYEnTrWyIiqt8 /xvzmeDIf0Q ==?user1@node1.lansgg.com ssh -rsa?AAAAB3NzaC1yc2EAAAABIwAAAQEAp0Im8iL7UR2b0PWrJ98YY /nqvjnuYWNc2F52SYn1/WA8rwGBWW0WBmKMoyW8YfSpCVk7QbyhX48Y3KF/Gf16CWRMm8xuyA +S5Seq3ZGnLbbVhb0OMO8VDAldovnIuPdI6005+ux /WbG1FKr3WxGs5k92ZO9hbXxpcVAwpvHY47t1v2LH5fW2jThypWMolUdp9TaNy7FkD2zaUNhbdqM1w67OSydiHAMfj183sEso9TykiXJvwlJeLdUMFywPTwfVqu2rxV0lY68B2mwr1pl5mcGPA4/0ruX8vSFsFLev8 +yi7LjccChAu /suPIFGLqRXrkW8ymsN/l3CkldnS9Y0BQ ==?user2@node1.lansgg.com [gitServer@Aries?~]$

客戶測試機??無需用戶名、密碼

1 2 3 4 5 6 7 8 9 10 11

[user1@node1?~]$?git?clone?gitServer@192.168.100.128: /opt/gitServer/TestProject .git Initialized?empty?Git?repository? in? /opt/user1/TestProject/ .git/ The?authenticity?of?host? '192.168.100.128?(192.168.100.128)'? can't?be?established. RSA?key?fingerprint?is?9f:32:3a:b0:db:03:b6:c8:fc:a0:47:6c:e5:d1:b0:6a. Are?you?sure?you?want?to? continue? connecting?( yes /no )?? yes Warning:?Permanently?added? '192.168.100.128'? (RSA)?to?the?list?of?known?hosts. remote:?Counting?objects:?9,? done . remote:?Compressing?objects:?100%?(3 /3 ),? done . remote:?Total?9?(delta?0),?reused?0?(delta?0) Receiving?objects:?100%?(9 /9 ),? done . [user1@node1?~]$

如果提交過程：提示如下錯誤

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17

Counting?objects:?3,? done . Writing?objects:?100%?(3 /3 ),?247?bytes?|?0?bytes /s ,? done . Total?3?(delta?0),?reused?0?(delta?0) remote:?error:?refusing?to?update?checked?out?branch:?refs /heads/master remote:?error:?By?default,?updating?the?current?branch? in? a?non-bare?repository remote:?error:?is?denied,?because?it?will? make? the?index?and?work?tree?inconsistent remote:?error:?with?what?you?pushed,?and?will?require? 'git?reset?--hard'? to?match remote:?error:?the?work?tree?to?HEAD. remote:?error: remote:?error:?You?can? set? 'receive.denyCurrentBranch'? configuration?variable?to remote:?error:? 'ignore'? or? 'warn'? in? the?remote?repository?to?allow?pushing?into remote:?error:?its?current?branch;?however,?this?is?not?recommended?unless?you remote:?error:?arranged?to?update?its?work?tree?to?match?what?you?pushed? in? some remote:?error:?other?way. remote:?error: remote:?error:?To?squelch?this?message?and?still?keep?the?default?behaviour,? set remote:?error:? 'receive.denyCurrentBranch'? configuration?variable?to? 'refuse' .

試著將如下配置新增到

1 2 3

[git@JumpServer1?pl.git]$? cat? .git /config? [receive] ???? denyCurrentBranch?=?ignore

再次提交

本文轉自 西索oO 51CTO博客，原文鏈接:http://blog.51cto.com/lansgg/1697247

總結

以上是生活随笔為你收集整理的git仓库服务器SSH认证示例的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。