Posts Tagged ‘Mac OSX’

How to configure remote shared access to a git repository on Ubuntu using SSH keys

Requirements: I have a need to share a git repository on a publicly facing server with our development team who are geographically disparate. The team should not have full root SSH access to the server, and the repository should be private (not publicly accessible).

We would like to use SSH keys for authentication so that the developer does not have to type in their password each time they issue a git command that interacts with the server.

These instructions assume Ubuntu Linux 10.04 and Mac OS X client. The instructions are pretty identical if your local workstation is some flavour of Linux. If you want instructions on how to generate a SSH key on Windows, follow these instructions from github.com, which are listed at the bottom of this post.

Begin on the server in question that we’ll call repository.yourtestserver.com:

#create a group for a repository
create group in webmin (gittestuser)

#create a user for the repository and add it to the group.
#Make sure and create a home directory for that user.
create user in webmin (gittestuser)

#give the group rights to the repository – in our example: gittest

chgrp -R gittestuser /srv/repos/git/gittest
chmod -R g+swX /srv/repos/git/gittest

then issue these commands

su gittestuser              # switch to the git user
cd ~                            # change to gittestuser's home directory
mkdir .ssh                   # make the .ssh dir
touch .ssh/authorized_keys      # create an empty authorized_keys file

On Mac OS X client
#generate your local SSH Public key

cd ~/.ssh
ssh-keygen -t rsa -C "david@symetrikdesign-test.com"

# stores it in /.ssh/

cd ~/.ssh

#copy the public key to the .ssh/authorized_keys file for the gittestuser user using
#handy utility called ssh-copy-id
NOTE: You will need to download a copy of the ssh-copy-id script which is not part of Mac OS X for some reason.
#install and set permissions for ssh-copy-id on your local Mac OS X machine

$ sudo curl "http://phildawson.co.uk/ssh-copy-id" -o /usr/bin/ssh-copy-id
$ sudo chmod +x /usr/bin/ssh-copy-id

#once you’ve downloaded the ssh-copy-id script, you want to use it to copy your rsa id to the ~/.ssh/authorized_keys file on the server using the following command.

$ /usr/bin/ssh-copy-id gittestuser@repository.yourtestserver.com

#SSH into the server with root and verify that the authorized_keys file has been updated

$ ssh root@repository.gittestserver.com
$ less /home/gittestuser/.ssh/authorized_keys

#test ssh access using the gittestuser account and that it is using the SSH key, not requiring a password

$ ssh gittestuser@repository.gittestserver.com

#Once, normal SSH access is enabled change the shell for gittestuser to /usr/lib/git-core/git-shell
#so that the only type of access the user has to the server is git.
#First, find out where the git-shell is located:

$ which git-shell
$ which results in "/usr/lib/git-core/git-shell"

#edit passwd file for gittestuser (make sure you are logged in as root if not, use sudo)

$ sudo nano /etc/passwd

#change gittestuser shell from /bin/sh to /usr/lib/git-core/git-shell the following line should look like:

gittestuser:x:1000:100::/home/gittestuser:/usr/lib/git-core/git-shell

I’ve also found that you can change the shell to /usr/lib/git-core/git-shell by editing the user through the webmin interface, which is obviously alot easier.

#Now you can try accessing the server with the shell changed and you should be disconnected.
#The following lines are what you should see when trying to connect via regular shell.

fatal: What do you think I am? A shell?
Connection to repository.gittestserver.com closed.

The reason that you change the shell, is so that your developers can only issue git type commands on the server through SSH access, they don’t get any real SSH access to the server.

#now try to clone the repository from the local Mac OS X machine.

git clone gittestuser@repository.gittestserver.com:/srv/repos/git/gittest/.git

Instructions for Windows that may be helpful to you:
For Windows, the best way to do generate an SSH key is to install Win/msysgit, the instructions for Win/msysgit can be found at github.com

The instructions for generating the key are very similar to Linux, but can be found here.

I have to admit that I’m confused by Apple

I don’t know about you, but I’ve always been confused by Apple’s code names for their operating systems.

Leopard, Tiger, Cheetah, Alley Cat, Tom Cat, and now Snow Leapord…

I always get confused as to which “dot” release is associated with which beast.

Will Snow Leapord be 10.6?

The wikipedia article on Apple OS X has a table which highlights which beast goes with what “dot” release, but I don’t want to visit it each time I forget.

What do you think about paying $29 USD for a “dot” release of the OS? Snow Leopard comes out at the end of the month, and I think they are pushing the envelop a bit.

One of the features listed on the Apple website is:

More reliable disk eject.

Snow Leopard improves the reliability of ejecting discs and external drives. Sometimes when an application or process is using the files on a drive, Mac OS X prevents you from ejecting it, but you don’t always know why. In Snow Leopard, you’ll get fewer of those errors and when you do get them, you’ll see exactly which application is using the drive, so you can quit it and eject the drive properly.

I guess I’ve just gotten spoiled with all the frequent free updates that I get from both MS and Apple that paying for one seems absurd.

BlackBerry for Mac – PocketMac for BlackBerry

You may have known about this for some time, but i’ve just discovered the PocketMac for Blackberry software that is available from RIM.

I was helping a friend backup/synch his contacts on his Blackberry Pearl yesterday and we were just about to purchase and download the Missing Synch, but a Google search yielded the PocketMac for Blackberry software, and the update, which are both available here.

It works very well, and the default configuration is to synch your contacts with the Mac OS X address book, you calendar entries and tasks with your iCal calendar.

It was simple to configure (actually I didn’t have to change anything), simple to use, and FREE.

kudos to RIM for this. I might actually consider buying a personal Blackberry now versus a iPhone or other smartphone.

I’ve been in the market for a smartphone, but many of them (non iPhone or Blackberry) don’t easily synch with the Mac’s. This makes the choice for a Blackberry much easier for me.

I’m wondering how I missed the release of this though?

Consulting

I'm currently available
for Lotus Notes / Domino consulting engagements.

LinkedIn

Connect with me:

LinkedIn

Advertisement
Advertisement
Categories