Installing mercurial-server over ssh from source
Universal installation of mercurial-server over ssh, from zero to 100%.
I constantly use the aivus topic , but unfortunately it is usually not enough.
I’ll configure it for mercurial-server 1.3, fedora 16. If you have errors while trying to use the post, write in the comments the system and the essence of the error, we will solve it.
Install and configure yourself
Get the source:
Install mercurial-server
I prefer to transfer all scripts to one place.
We need to activate public key authorization
Uncomment or add lines
We will also make a single key storage center
All user keys of mercurial-server are stored at
/ etc / mercurial-server / keys / during refresh-auth startup (must be run each time a user is added), all keys are recorded in /var/lib/mercurial-server/.ssh/authorized_keys
To make sshd accept these keys, do the following
It does not need to be done if you are going to manage keys only through hgadmin!
Create the mercurial-server admin key (on the client)
If you missed the finishing touch, go through ssh and execute all the commands manually.
Be sure to enter a complex password for the ssh key! Eliminate the possibility of leakage of the ~ / .ssh / id_rsa file to third parties!
Now check the access:
If you received exactly these lines, then sshd accepts your keys, now try:
If within 30 seconds you did not receive any errors, then the connection is configured and you can use your server.
For me, the most common mistake (out of three installations: ubuntu 10.04 server, linux mint 12, fedora 16) was the following:
A solution to this problem can be found at stackoverflow.com/questions/6730735/troubles-with-mercurial-1-9-and-ssh
Especially lazy can use the patch (patch hg-ssh patch_file):
I constantly use the aivus topic , but unfortunately it is usually not enough.
I’ll configure it for mercurial-server 1.3, fedora 16. If you have errors while trying to use the post, write in the comments the system and the essence of the error, we will solve it.
Training
Install and configure yourself
- wget
- nano
- python
- mercuial
Installation
Get the source:
wget http://dev.lshift.net/paul/mercurial-server/mercurial-server_1.3.tar.gz
tar -xf mercurial-server_1.3.tar.gz
cd mercurial-server-1.3
Install mercurial-server
python setup.py build
python setup.py install
I prefer to transfer all scripts to one place.
cp scripts*/* /var/lib/mercurial-server/
Sshd setup
We need to activate public key authorization
nano /etc/ssh/sshd_config
Uncomment or add lines
RSAAuthentication yes
PubkeyAuthentication yes
We will also make a single key storage center
AuthorizedKeysFile /etc/ssh/keys/%u.pub
mkdir /etc/ssh/keys
Key translation in sshd
All user keys of mercurial-server are stored at
/ etc / mercurial-server / keys / during refresh-auth startup (must be run each time a user is added), all keys are recorded in /var/lib/mercurial-server/.ssh/authorized_keys
To make sshd accept these keys, do the following
touch /var/lib/mercurial-server/.ssh/authorized_keys
chmod 644 /var/lib/mercurial-server/.ssh/authorized_keys
ln /var/lib/mercurial-server/.ssh/authorized_keys /etc/ssh/keys/hg.pub
Finishing touch
It does not need to be done if you are going to manage keys only through hgadmin!
touch /usr/bin/hg-update-users
chmod 744 /usr/bin/hg-update-users
nano /usr/bin/hg-update-users
chown hg -R /etc/mercurial-server/keys/
chmod 444 -R /etc/mercurial-server/keys/
sudo -u hg /var/lib/mercurial-server/refresh-auth
Check
Create the mercurial-server admin key (on the client)
ssh-keygen
scp ~/.ssh/id_rsa.pub root@ваш_сервер:/etc/mercurial-server/keys/root/
ssh root@ваш_сервер 'hg-update-users'
If you missed the finishing touch, go through ssh and execute all the commands manually.
Be sure to enter a complex password for the ssh key! Eliminate the possibility of leakage of the ~ / .ssh / id_rsa file to third parties!
Now check the access:
$ ssh hg@ваш_сервер
PTY allocation request failed on channel 0
mercurial-server: direct logins on the hg account prohibited
Connection to ваш_сервер closed.
If you received exactly these lines, then sshd accepts your keys, now try:
ssh hg@ваш_сервер 'hg -R hgadmin serve --stdio'
If within 30 seconds you did not receive any errors, then the connection is configured and you can use your server.
Troubleshooting
For me, the most common mistake (out of three installations: ubuntu 10.04 server, linux mint 12, fedora 16) was the following:
$ssh hg@ваш_сервер 'hg -R hgadmin serve --stdio'
Traceback (most recent call last):
File "/var/lib/mercurial-server/hg-ssh", line 86, in
dispatch.dispatch(['-R', repo, 'serve', '--stdio'])
File "/usr/lib64/python2.7/site-packages/mercurial/dispatch.py", line 31, in dispatch
if req.ferr:
AttributeError: 'list' object has no attribute 'ferr'
A solution to this problem can be found at stackoverflow.com/questions/6730735/troubles-with-mercurial-1-9-and-ssh
Especially lazy can use the patch (patch hg-ssh patch_file):
--- hg-ssh_old 2012-12-27 00:49:04.764989364 +0300
+++ hg-ssh 2012-12-27 00:50:16.173113572 +0300
@@ -83,7 +83,7 @@
repo = getrepo("read", cmd[6:-14])
if not os.path.isdir(repo + "/.hg"):
fail("no such repository %s" % repo)
- dispatch.dispatch(['-R', repo, 'serve', '--stdio'])
+ dispatch.dispatch(dispatch.request(['-R', repo, 'serve', '--stdio']))
elif cmd.startswith('hg init '):
repo = getrepo("init", cmd[8:])
if os.path.exists(repo):
@@ -91,7 +91,7 @@
d = os.path.dirname(repo)
if d != "" and not os.path.isdir(d):
os.makedirs(d)
- dispatch.dispatch(['init', repo])
+ dispatch.dispatch(dispatch.request(['init', repo]))
else:
fail("illegal command %r" % cmd)