I had a similar issue a while back and we made use of 'SSH keys' for authentication -
1) Make sure that each of your users has a 'SSH key pair'. You can generate one with 'ssh-keygen' if they don't have it, many samples to be found at -
using ssh-keygen[
^]
To collect each user's public key '~/.ssh/id_rsa.pub or similar)'
2) On your server, go to your Git repository's directory, inside the repository, create a folder named 'hooks' if it does not exist.
3)Inside your hooks folder, create a file named 'pre-receive' with no file extension at naming at all.
Add the following script to the 'pre-receive' file -
while read oldrev newrev refname
do
if [ "$refname" == "refs/heads/master" ]; then
authorized_keys="/path/to/your/authorized_keys_file"
git rev-list $oldrev..$newrev | xargs -I {} ssh-keyscan -t rsa {} >> $authorized_keys
fi
done
Now make the script executable -
chmod +x pre-receive
4) Create a file to store authorized keys e.g., '/path/to/authorized_keys_file'. Add your public keys of users who should have access, one per line.
5) Make sure that the pre-receive script and the authorized keys file are accessible and have the right permissions.
6) To test your set-up, try to clone your repository using git clone over SSH. Users without authorized keys should not be able to push.
Submit an article or tip