2

I'm in a project where all users from a LDAP server just have e-mails as unique identifier. I need to have users clone their projects from their remote home directories on a linux server. So I'm thinking about using the SSH protocol for GIT to athentication and authorization them.

But i'm facing problems when using the Eclipse EGit plugin, because the git clone command looks like this:

git clone jhon.smith@emailserver@reposerver:pathtosomeproject

Eclipse trying to help by escaping the @:

git clone jhon.smith%40emailserver@reposerver:pathtosomeproject

But this doesn't work, and it shows an authentication error. What I did was to put a '' in the e-mail.

git clone 'jhon.smith@emailserver'@reposerver:pathtosomeproject

This works well, but when Eclipse tries to list all branches with ls-remote in the next page, it says that cannot show with a message error.

My question is if someone has already experienced this requirements and has an alternative solution?

I don't know if Gitosis would help here, because the environment will not have groups, just users with their projects inside their home folders and using Eclipse EGit to clone and push the projects.

Thanks

Noah Clark
  • 8,101
  • 14
  • 74
  • 116
gabriel.ozeas
  • 35
  • 4

1 Answers1

0

First, gitosis is obsolete, use Gitolite.

Second, an ssh address is for an admin account (say 'gitadmin' for instance) of the Git repo server to check if one's public key is in that ~gitadmin/.ssh/authorized_keys.

When you uses an ssh address like "jhon.smith@emailserver@reposerver:pathtosomeproject", you ask to the reposerver SSH daemon to check ~jhon.smith@emailserver/.ssh/authorized_keys, which makes no sense (you have one Git admin account, not one per user!, and I doubt you would find on an unix server a user id name 'jhon.smith@emailserver')

Gitolite would help in that it would formalized the public key that each user would communicate. Read "adding and removing users", and "ssh basis".
The name of that public key will represent their 'id' as viewed from the Gitolite server.
(so don't take a complicated public ssh key like jhon.smith@emailserver! jhon.smith_emailserver and jhon.smith_emailserver.pub would do just fine, for instance)

Community
  • 1
  • 1
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • I may be misunderstanding, but I think the OP actually does have unix users with names like `~jhon.smith@emailserver`, and is not yet using gitosis. It's only in systems like gitosis/gitolite that there's only one git admin account. – Danica Jun 17 '12 at 19:22
  • @Dougal true, and a central place for using ssh authentication would avoid having to deal with curious account name (and would have the additional benefit of authorization management): so gitolite ftw. – VonC Jun 17 '12 at 19:39