git-server-docker-stagit

git-server-with-stagit
git clone git://git.andersuno.nu/git-server-docker-stagit.git
Log | Files | Refs | README
commit af446d2633030c76b30db0c256108a4ca370b1de
parent 35caf76a48cc639a6e9a529776d3ad034149d905
Author: Akuario <jkarlos.b@gmail.com>
Date:   Wed, 27 Jul 2016 13:21:18 +0200

Fixed ssh keys bug

Diffstat:

MDockerfile | 2++


Msshd_config | 19++++++++++---------


Mstart.sh | 5+++--


3 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/Dockerfile b/Dockerfile
@@ -19,6 +19,8 @@ WORKDIR /git-server/
 # Con -D no creamos password, con -s le cambiamos la shell
 RUN mkdir /git-server/keys \
   && adduser -D -s /usr/bin/git-shell git \
+  #&& adduser -D git \
+  && echo git:12345 | chpasswd \
   && mkdir /home/git/.ssh
 
 COPY sshd_config /etc/ssh/sshd_config
diff --git a/sshd_config b/sshd_config
@@ -16,15 +16,15 @@
 #ListenAddress ::
 
 # The default requires explicit activation of protocol 1
-Protocol 2
+#Protocol 2
 
 # HostKey for protocol version 1
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
-HostKey /etc/ssh/ssh_host_rsa_key
-HostKey /etc/ssh/ssh_host_dsa_key
-HostKey /etc/ssh/ssh_host_ecdsa_key
-HostKey /etc/ssh/ssh_host_ed25519_key
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_dsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
 
 # Lifetime and size of ephemeral version 1 server key
 #KeyRegenerationInterval 1h
@@ -46,12 +46,13 @@ HostKey /etc/ssh/ssh_host_ed25519_key
 #MaxAuthTries 6
 #MaxSessions 10
 
-#RSAAuthentication yes
+RSAAuthentication yes
 PubkeyAuthentication yes
 
 # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
 # but this is overridden so installations will only check .ssh/authorized_keys
 AuthorizedKeysFile	.ssh/authorized_keys
+#AuthorizedKeysFile	/home/git/.ssh/authorized_keys
 
 #AuthorizedPrincipalsFile none
 
@@ -76,13 +77,13 @@ PasswordAuthentication no
 #ChallengeResponseAuthentication yes
 
 # Kerberos options
-#KerberosAuthentication no
+KerberosAuthentication no
 #KerberosOrLocalPasswd yes
 #KerberosTicketCleanup yes
 #KerberosGetAFSToken no
 
 # GSSAPI options
-#GSSAPIAuthentication no
+GSSAPIAuthentication no
 #GSSAPICleanupCredentials yes
 
 # Set this to 'yes' to enable PAM authentication, account processing,
@@ -128,7 +129,7 @@ Subsystem	sftp	/usr/lib/ssh/sftp-server
 # the following are HPN related configuration options
 # tcp receive buffer polling. disable in non autotuning kernels
 #TcpRcvBufPoll yes
- 
+
 # disable hpn performance boosts
 #HPNDisabled no
 
diff --git a/start.sh b/start.sh
@@ -4,9 +4,10 @@ cd /home/git
 
 # Si hay alguna clave pública en la carpeta de keys
 if [ "$(ls -A /git-server/keys/)" ]; then
-  cat /git-server/keys/*.pub > .ssh/authorized_keys
+  cat /git-server/keys/*.pub >> .ssh/authorized_keys
   chown -R git:git .ssh
-  chmod -R a=rw+X,o-w .ssh
+  chmod 700 .ssh
+  chmod -R 600 .ssh/*
 fi
 
 # Bandera -D para que no se ejecute como demonio