Halaman utama Jelajahi Bantuan
Masuk
Parabola
/
hackers
cermin dari https://git.parabola.nu/hackers.git
Liatin 2
Bintangi 0
Fork 0
Berkas Masalah 0 Wiki

Parabola Hackers SSH pubkeys

Cabang: old
Ranting Tag
hackers
ZIP TAR.GZ
André Fabian Silva Delgado 7646c36b94 update keys 8 tahun lalu
git-hooks 8c0ba8357e Deploy current branch 11 tahun lalu
git-shell-commands e3f6b8e324 lukeshu-ify the git-shell-commands 10 tahun lalu
parabola-keyring 7646c36b94 update keys 8 tahun lalu
.gitignore dec310450e add encyclomundi key again 10 tahun lalu
Makefile 3f1168d2b0 Appropiately call the update hook 12 tahun lalu
README.markdown 650750cae5 Ensure we start with some pubkeys 12 tahun lalu
authorized_keys 443b2949a9 add gravi ssh key 10 tahun lalu
ssh_config ad233fd5e1 Configure local user also 12 tahun lalu

README.markdown

Hackers

What's this? Why?

Hackers is a simple git repository management tool. I started this for Parabola GNU/Linux-libre when our gitosis broke and was never fixed. We didn't need gitosis' granular permissions anyway.

Hackers.git allows for decentralized management, since any hacker added can add new keys, own and others'.

It uses the git-shell to allow users to do git repository tasks (create a repo, mirror one, etc.) using ssh to connect to the repository server.

Install

Clone hackers.git somewhere and add yours and other people's SSH pubkeys (at least yours) to the authorized_keys file, then commit.

This step can be done in a single step with make bootstrap (or let the next step do it). If you don't you won't be able to login later!

Run make PREFIX=/srv/git as root, where PREFIX is the git root. Check the Makefile itself to see other options.

Now you can use ssh git@host command arguments, run the help command to list commands and arguments available.

Host requirements

You'll need git-shell, on Parabola it's on the git package. Also a working ssh daemon with "AuthorizedKeysFile .ssh/authorized_keys" (default in most installations).

Local configuration

On your hacking user, you can add this to your ~/.ssh/config

Host git
  HostName git_hostname_can_be_localhost
  User git

The repo URL will be git:repo.git or ssh://gitPREFIX/repo.git.

How to add new keys

  • Add your key to the authorized_keys file on your local clone
  • Change the key comment to the "Name name@email.nu" format (just for keeping it tidy)
  • Commit
  • Push if you have push privileges and you're adding a new hacker, or
  • Run git format-patch HEAD-1 and send the generated patches to one of the other hackers listed.

How does this work?

There's a post-receive hook on the origin hackers.git repository that updates a clone on ~/.ssh. Any change pushed to it is immediately reflected in access privileges for the git user.

Is this insecure?

git is an unprivileged user. If you know how to skip this and gain access to our servers be kind and let us now ;)