git-shell
Restricted login shell for Git -only SSH access
SYNOPSIS
chsh -s $(command -v git -shell) <user> gitclone <user> @localhost:/path/to/repo.git ssh <user> @localhost
DESCRIPTION
COMMANDS
gitreceive -pack <argument> , gitupload -pack <argument> , gitupload -archive <argument> Call the corresponding server -side command to support the client gitpush , gitfetch ,or gitarchive --remote request .
cvsserver Imitate a CVS server . See git-cvsserver (1). If a ~/git-shell -commands directory is present, gitshell will also handle other, custom commands by running " git-shell -commands/<command> <arguments> "from the user home directory .
INTERACTIVE USE
EXAMPLES
$ chsh -s /usr/bin/git -shell $ mkdir $HOME/git -shell -commands $ cat >$HOME/git -shell -commands/no -interactive -login << \ EOF #!/bin/sh printf (Aq%s \ n (Aq "Hi $USER! You (Aqve successfully authenticated, but I do not" printf (Aq%s \ n (Aq "provide interactive shell access ." exit 128 EOF $ chmod +x $HOME/git -shell -commands/no -interactive -login .RE To enable git -cvsserver access (which should generally have the no-interactive -login example above as a prerequisite, as creating the git -shell -commands directory allows interactive logins): .RS 4
$ cat >$HOME/git -shell -commands/cvs << \ EOF if ! test $# = 1 && test "$1" = "server" then echo >&2 "git -cvsserver only handles \ "server \ exit 1 fi exec git cvsserver server EOF $ chmod +x $HOME/git -shell -commands/cvs .RE
GIT
SEE ALSO
ssh(1), git-daemon(1),contrib/git -shell -commands/README