table of contents
other versions
- wheezy 1:1.7.10.4-1+wheezy3
- wheezy-backports 1:1.9.1-1~bpo70+2
- jessie 1:2.1.4-2.1+deb8u2
- jessie-backports 1:2.11.0-3~bpo8+1
- testing 1:2.11.0-3
- unstable 1:2.11.0-4
- experimental 1:2.13.1+next.20170610-1
GIT-SHELL(1) | Git Manual | GIT-SHELL(1) |
NAME¶
git-shell - Restricted login shell for Git-only SSH accessSYNOPSIS¶
chsh -s $(command -v git-shell) <user> git clone <user>@localhost:/path/to/repo.git ssh <user>@localhost
DESCRIPTION¶
This is a login shell for SSH accounts to provide restricted Git access. It permits execution only of server-side Git commands implementing the pull/push functionality, plus custom commands present in a subdirectory named git-shell-commands in the user’s home directory.COMMANDS¶
git shell accepts the following commands after the -c option: git receive-pack <argument>, git upload-pack <argument>, git upload-archive <argument>Call the corresponding server-side command to
support the client’s git push, git fetch, or git
archive --remote request.
cvs server
Imitate a CVS server. See
git-cvsserver(1).
INTERACTIVE USE¶
By default, the commands above can be executed only with the -c option; the shell is not interactive.EXAMPLE¶
To disable interactive logins, displaying a greeting instead:$ chsh -s /usr/bin/git-shell $ mkdir $HOME/git-shell-commands $ cat >$HOME/git-shell-commands/no-interactive-login <<\EOF #!/bin/sh printf '%s\n' "Hi $USER! You've successfully authenticated, but I do not" printf '%s\n' "provide interactive shell access." exit 128 EOF $ chmod +x $HOME/git-shell-commands/no-interactive-login
SEE ALSO¶
ssh(1), git-daemon(1), contrib/git-shell-commands/READMEGIT¶
Part of the git(1) suite04/08/2014 | Git 1.9.1 |