For the current project I do not use “gitolite”, because I want to set the project up for a few developers as fast as possible and I don’t need gitolite’s functionality. But if you want different access levels for users, you should use gitolite. I will describe it, but later.
First, we should generate a public key from our private key. We have our private key on the local machine and use it to connect to the Amazon server, so let’s use it:
By the way, if you want, you can generate a new private key; in that case you will have a separate key for git.
Then switch to the Amazon instance console and create the user git (I will create the repository on the server with IP 220.127.116.11):
sudo adduser --system --shell /bin/bash --group --disabled-password --home /home/git git
And use the git user:
Add the public key that we have already generated on the local machine to your Amazon server:
mkdir -p ~/.ssh && chmod 700 ~/.ssh   # a new system user has no ~/.ssh yet
touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
vim ~/.ssh/authorized_keys
and paste into ~/.ssh/authorized_keys the key printed by running
ssh-keygen -y -f ~/.ssh/amazon.private.pem
After these operations your ~/.ssh/authorized_keys will look like this (I have already added 2 user keys, you will have only one key):
ssh-rsa AAAAB3NzaC1yc2EAAAADA.....vWe4xn8n+3OHe35 firstname.lastname@example.org
ssh-rsa AAAAB3N.......Uw3bM6KKM+LU/iqCwr4MeOj email@example.com
If you do not want to add keys to ~/.ssh/authorized_keys manually, you can do the following:
- create the file ~/.ssh/username.pem and put the public key inside it (the output of
ssh-keygen -y -f ~/.ssh/amazon.private.pem)
- add the key to ~/.ssh/authorized_keys with the command:
cat ~/.ssh/username.pem >> ~/.ssh/authorized_keys
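A more defensive version of the append step above, as an added example that is not part of the original post: `authorize_key` (a hypothetical helper name) refuses a file that contains a private key, checks that the line looks like a public key, sets the permissions sshd expects, and skips a key that is already listed.

```shell
#!/bin/sh
# Added example: append one OpenSSH public key to an authorized_keys file.
# authorize_key and its arguments are hypothetical names, not from the post.
# usage on the server, as the git user: authorize_key ~/.ssh/username.pem

# authorize_key PUBKEY_FILE [AUTHORIZED_KEYS_FILE]
authorize_key() {
    pub=$1
    auth=${2:-$HOME/.ssh/authorized_keys}
    dir=$(dirname "$auth")

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # A private key (PEM or OpenSSH format) must never be copied to the server.
    if grep -q -e '-----BEGIN' "$pub"; then
        echo "$pub looks like a private key, refusing" >&2
        return 1
    fi

    # Expect exactly one non-empty line: "<type> <base64-blob> [comment]".
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "expected one key in $pub" >&2; return 1; }
    line=$(grep . "$pub")
    if ! printf '%s\n' "$line" | grep -Eq \
        '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$'; then
        echo "$pub is not a public key line" >&2
        return 1
    fi
    blob=$(printf '%s\n' "$line" | awk '{print $2}')

    # With StrictModes (the default) sshd ignores authorized_keys when the
    # file or ~/.ssh is writable by group or others.
    mkdir -p "$dir" && chmod 700 "$dir"
    touch "$auth" && chmod 600 "$auth"

    # The base64 blob identifies the key; the comment does not. Skip duplicates.
    if awk -v b="$blob" '{ for (i = 1; i <= NF; i++) if ($i == b) found = 1 }
                         END { exit !found }' "$auth"; then
        echo "key already authorized"
        return 0
    fi
    printf '%s\n' "$line" >> "$auth"
    echo "key added"
}
```
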
Let’s continue and create a test repository on the Amazon server:
mkdir -p ~/repositories
cd ~/repositories/
git init --bare test-project.git
Now we can switch to the local machine and try to clone the empty repository:
git clone email@example.com:/home/git/repositories/test-project.git
If you get an error like this:
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
It means that ssh is using the wrong private key for the connection. Let’s configure it on the local machine:
And add the following lines:
Host 18.104.22.168
  IdentityFile /Users/alex/.ssh/amazon.private.pem
  User git
Also, to check the ssh connection, you can do something like this:
If you are not sure (for some reason) which key you have to use, you can try to connect via SSH using different private keys. You can specify the key with the “-i” parameter:
ssh -i ~/.ssh/amazon.private.pem email@example.com
Or you can simply regenerate the public key from the private key that you want to use and put it in ~/.ssh/authorized_keys on the Amazon EC2 server again. When you are sure exactly which private key you have to use, you can write it in ~/.ssh/config.
Then you can make the initial commit on your local machine and push your changes to the repository.