Install gitolite on a Centos server

I killed a couple of days to install Gitolite. It seems like a bunch of instructions on the Internet, and the process is globally not complicated. But in no article is there a complete order of the teams that need to be done so that the whole thing works without problems.

It is understood that the reader understands what git and gitolite are and is able to work with them, only the installation issue is considered.

In the code you need to replace it with your values:
server_name_or_ip - Server name or IP address
username - The name of the user who will become the gitolite administrator.

Operating systems: server - Centos 6.6, the computer from which I work - OS X 10.10.2

Key Access Setting

On the server, create a user git and set a password for it:

useradd git
passwd git

On the local machine, create a key for the current user:

ssh-keygen -t rsa -b 2048

For greater security, replace 2048 with 4096.
And send the key to the server (the option was tested only on mac - but, it seems, the Linux syntax is no different):

cat ~/.ssh/ | ssh git@server_name_or_ip "mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys"

We set the rights to the .ssh folder and the key file on the server (without this, key authorization will not work):

chmod 700 /home/git/.ssh/
chmod 600 /home/git/.ssh/authorized_keys

We go to the server in the file / etc / ssh / sshd_config (not to be confused with ssh_config) and uncomment the lines:

RSAAutentification yes
PubkeyAutentification yes
AuthorizedKeysFile .ssh/authorized_keys

Restart the sshd daemon on the server :

service sshd restart

Check ssh access without password from the local machine :

ssh -i ~/.ssh/id_dsa  git@server_name_or_ip

Gitolite installation

On the server :

su git
cd ~
git clone git://
mkdir -p ~/bin
gitolite/install -to ~/bin
gl-setup -q ~/

Next, go to the server in the /home/git/.ssh/authorized_keys file and delete the first key that was not created by gitolite - this is important, otherwise it won’t work (one of the options can also be simply to use 2 different keys - the main thing is to understand that if there is a key that authorizes via SSH, then gitolite will not work with it).

Checking the performance of the keys ( on the server ):

/home/git/gitolite/src/gitolite sshkeys-lint

The path to the repository for administering gitolite:


For security reasons, we close access to the git user via ssh. We leave only the opportunity to work with git. To do this, go to the / etc / passwd file and change the line for the git user from / bin / bash to / usr / bin / git-shell

If something went wrong

Delete ( on the server ) the git user:

userdel git

Delete all files from its folder and the home directory itself. I have this / home / git /.

We are trying to do it all over again.

Also popular now: