Using command="" in authorized_keys, I can restrict the commands that can be run by a particular key.
What commands do I need to allow in order to have a functioning git remote?
From the Pro Git book I can infer that git-upload-pack and git-receive-pack are required, but is there anything else?
Note I still want to be able to log into the user normally, just not with this key.
Best Answer
Git includes a git-shell command suitable for use as a Git-only login shell. It accepts exactly the following commands:
So these are the only commands you need to allow. Every version of Git I have access to only uses the hyphenated versions.
git-shell itself may be good enough in itself for what you want to do, too.
You can verify what Git is running for any particular command by setting GIT_SSH to a shim that echoes the arguments. Make a script ssh.sh:
Then run:
and you will see the remote command it tried to run.
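Added example (not part of the original question or answer): a forced-command wrapper for the command="" approach, which checks SSH_ORIGINAL_COMMAND against the two commands named in the question and hands accepted requests to git-shell -c. The install path /usr/local/bin/git-only.sh, the "run" argument and the set of characters allowed in a repository path are assumptions of this example.

```shell
#!/bin/sh
# Hypothetical install path: /usr/local/bin/git-only.sh
# authorized_keys entry for the restricted key (key material is a placeholder):
#   command="/usr/local/bin/git-only.sh run",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-ed25519 <PUBLIC-KEY> deploy
# Other keys of the same user are unaffected and still get a normal login.

# Return 0 only for: <allowed verb> '<repository path>'
git_cmd_allowed() {
    cmd=$1
    verb=${cmd%% *}      # text before the first space
    arg=${cmd#* }        # text after the first space

    case $verb in
        git-upload-pack|git-receive-pack) ;;   # fetch/clone and push
        *) return 1 ;;
    esac

    # Git sends exactly one single-quoted argument.
    case $arg in
        \'*\') ;;
        *) return 1 ;;
    esac
    inner=${arg#\'}
    inner=${inner%\'}

    # Reject empty paths, option-like paths, "..", and anything outside
    # a conservative character set (assumed policy; widen if needed).
    case $inner in
        ''|-*|*..*|*[!A-Za-z0-9._/-]*) return 1 ;;
    esac
    return 0
}

main() {
    if git_cmd_allowed "${SSH_ORIGINAL_COMMAND:-}"; then
        # git-shell runs only Git's server-side commands.
        exec git-shell -c "$SSH_ORIGINAL_COMMAND"
    fi
    echo "This key may only be used for git fetch and push." >&2
    exit 1
}

# Only act when invoked as the forced command ("run" argument).
if [ "${1:-}" = "run" ]; then
    main
fi
```

To allow git archive --remote as well, add git-upload-archive to the verb list.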