git-server-docker-stagit

git-server-with-stagit
git clone git://git.andersuno.nu/git-server-docker-stagit.git
Log | Files | Refs | README

commit af446d2633030c76b30db0c256108a4ca370b1de
parent 35caf76a48cc639a6e9a529776d3ad034149d905
Author: Akuario <jkarlos.b@gmail.com>
Date:   Wed, 27 Jul 2016 13:21:18 +0200

Fixed ssh keys bug

Diffstat:
MDockerfile | 2++
Msshd_config | 19++++++++++---------
Mstart.sh | 5+++--
3 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/Dockerfile b/Dockerfile @@ -19,6 +19,8 @@ WORKDIR /git-server/ # Con -D no creamos password, con -s le cambiamos la shell RUN mkdir /git-server/keys \ && adduser -D -s /usr/bin/git-shell git \ + #&& adduser -D git \ + && echo git:12345 | chpasswd \ && mkdir /home/git/.ssh COPY sshd_config /etc/ssh/sshd_config diff --git a/sshd_config b/sshd_config @@ -16,15 +16,15 @@ #ListenAddress :: # The default requires explicit activation of protocol 1 -Protocol 2 +#Protocol 2 # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 -HostKey /etc/ssh/ssh_host_rsa_key -HostKey /etc/ssh/ssh_host_dsa_key -HostKey /etc/ssh/ssh_host_ecdsa_key -HostKey /etc/ssh/ssh_host_ed25519_key +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h @@ -46,12 +46,13 @@ HostKey /etc/ssh/ssh_host_ed25519_key #MaxAuthTries 6 #MaxSessions 10 -#RSAAuthentication yes +RSAAuthentication yes PubkeyAuthentication yes # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 # but this is overridden so installations will only check .ssh/authorized_keys AuthorizedKeysFile .ssh/authorized_keys +#AuthorizedKeysFile /home/git/.ssh/authorized_keys #AuthorizedPrincipalsFile none @@ -76,13 +77,13 @@ PasswordAuthentication no #ChallengeResponseAuthentication yes # Kerberos options -#KerberosAuthentication no +KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options -#GSSAPIAuthentication no +GSSAPIAuthentication no #GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, @@ -128,7 +129,7 @@ Subsystem sftp /usr/lib/ssh/sftp-server # the following are HPN related configuration options # tcp receive buffer polling. disable in non autotuning kernels #TcpRcvBufPoll yes - + # disable hpn performance boosts #HPNDisabled no diff --git a/start.sh b/start.sh @@ -4,9 +4,10 @@ cd /home/git # Si hay alguna clave pública en la carpeta de keys if [ "$(ls -A /git-server/keys/)" ]; then - cat /git-server/keys/*.pub > .ssh/authorized_keys + cat /git-server/keys/*.pub >> .ssh/authorized_keys chown -R git:git .ssh - chmod -R a=rw+X,o-w .ssh + chmod 700 .ssh + chmod -R 600 .ssh/* fi # Bandera -D para que no se ejecute como demonio