Running a “secure” git server over SSH without gitosis/gitolite?

Question

Is it possible to run a git server over ssh, using authorized_keys and command= to restrict access to only the git repositories, without using gitosis/

Answer 1

EDIT: Not sure about all of the sudden negative rankings; I am obviously not saying to use Gitolite as the OP specifically asked not to use it. I am simply stating that what he is asking for is 95% of what Gitolite's tiny source code does and hence I'm telling him where in it's source he can find the snippet he would want to copy to roll his own.

---

Yes, gitolite does exactly just that. It doesn't swap out the user's shell either.

cat ~/.ssh/authorized_keys
command="/home/git/.gitolite/src/gl-auth-command jbruce",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAD3NzaC1yc2EABBBCIwAAAQEAtRFmADxUSCX97CS/Uh7/N0y0vL...

Notice this doesn't look like a normal authorized_keys on the server, it also passes the username as a parameter so that the executed script knows who this ssh key belongs to. The additional benefit of not switching the user's shell (while still keeping it secure) is that if you try to ssh directly into the machine it will not only terminate the session but tell you which repos you have access to before it terminates, if it knows who you are.

Answer 2

You can put this at the beginning of each line in authorized_keys2:

no-port-forwarding,no-agent-forwarding,command="/usr/bin/git-shell -c \"$SSH_ORIGINAL_COMMAND\"" 

That'll allow only git commands over ssh, but will still let you become that user if you need to mess around (from another account):

sudo -u git -i

Answer 3

Yes, assign the git shell as the login shell for all users which shall only have git access.