Git-Logo

Git repository with SSH access

For current project I do not use “gitolite”, because I want to install project for few developers as fast as it possible — I don’t need “gitolite” functionality. But if you want to have different access levels for users, you should use gitolite. I will describe it, but later.

Firstly, we should generate public key using our private key.We have our private key on local machine and you use it to connect to amazon server, so lets use it:

  1. ssh-keygen -y -f ~/.ssh/amazon.private.pem
ssh-keygen -y -f ~/.ssh/amazon.private.pem

Btw, if you want, you can generate a new private key, in this case you will have different key for git.

Then switch to amazon instance console and create user git (I will create repository on server with IP 54.191.103.189):

  1. sudo adduser --system --shell /bin/bash --group --disabled-password --home /home/git git
sudo adduser --system --shell /bin/bash --group --disabled-password --home /home/git git

And use git user:

  1. sudo su - git
sudo su - git

Add public key that we have already generated on local machine to your Amazon Server:

  1. touch ~/.ssh/authorized_keys
  2. chmod 600 ~/.ssh/authorized_keys
  3. vim ~/.ssh/authorized_key
touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
vim ~/.ssh/authorized_key

and paste in ~/.ssh/authorized_key generated key from output after execution ssh-keygen -y -f ~/.ssh/amazon.private.pem

After this operations your ~/.ssh/authorized_key will look like this (I have already added 2 user keys, you will have only one key):

  1. ssh-rsa AAAAB3NzaC1yc2EAAAADA.....vWe4xn8n+3OHe35 useremail@mail.com
  2. ssh-rsa AAAAB3N.......Uw3bM6KKM+LU/iqCwr4MeOj user2email@mail.com
ssh-rsa AAAAB3NzaC1yc2EAAAADA.....vWe4xn8n+3OHe35 useremail@mail.com
ssh-rsa AAAAB3N.......Uw3bM6KKM+LU/iqCwr4MeOj user2email@mail.com

If you do not want to add manually keys in ~/.ssh/authorized_keys, you can do next operations:

  • create key ~/.ssh/username.pem and put inside public key (output from ssh-keygen -y -f ~/.ssh/amazon.private.pem)
  • Add key to ~/.ssh/authorized_keys with command: cat ~/.ssh/username.pem >> ~/.ssh/authorized_keys

Lets continue and create test repository on amazon server:

  1. cd ~/repositories/
  2. git init --bare test-project.git
cd ~/repositories/
git init --bare test-project.git

Now we can switch to local machine and try to clone empty repository:

  1. git clone git@54.191.103.189:/home/git/repositories/test-project.git
git clone git@54.191.103.189:/home/git/repositories/test-project.git

If you get error like this:

  1. .
  2. Permission denied (publickey).
  3. fatal: Could not read from remote repository.
  4.  
  5. Please make sure you have the correct access rights
  6. and the repository exists.
….
Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
…

 

It means that during connection, ssh uses incorrect private key. Lets configure it on local machine:

Open file

  1. sudo vim ~/.ssh/config
sudo vim ~/.ssh/config

And add next lines:

  1.     Host 54.191.103.189
  2.        IdentityFile /Users/alex/.ssh/amazon.private.pem
  3.        User git
    Host 54.191.103.189
       IdentityFile /Users/alex/.ssh/amazon.private.pem
       User git

Also, to check ssh connection, you can do something like this:

  1. ssh git@54.191.103.189
ssh git@54.191.103.189

If you are not sure (on some reason) which key you have to use, use can try connect via SSH using different private keys. You can specify key using parameter “-i”:

  1. ssh -i ~/.ssh/amazon.private.pem git@54.191.103.189
ssh -i ~/.ssh/amazon.private.pem git@54.191.103.189

Or you can simply regenerate public key using private key that you want to use and put it again in ~/.ssh/authorized_keys on Amazon EC2 Server. When you are sure which exactly private key you have to use, you can write it in ~/.ssh/config

Then you can make initial commit on your local and push your changes to repository.

It's only fair to share...Share on FacebookShare on Google+Tweet about this on TwitterEmail this to someoneShare on LinkedIn

Aboutalex

Вэб-программист. Занимаюсь разработкой cервисов, написанием API, вэб-приложений. Интересна разработка приложений для высоконагруженных систем, анализ данных..

Добавить комментарий

Ваш e-mail не будет опубликован. Обязательные поля помечены *

семь + 4 =