Can you specify git-shell in .ssh/authorized_keys to restrict access to only git commands via ssh?

git ssh

The following works for me.

In ~/.ssh/authorized_keys:

command="./gitserve",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-dss AAAAB…

In the ~/gitserve script:

#!/bin/sh
exec git-shell -c "$SSH_ORIGINAL_COMMAND"

Note that if you put gitserve somewhere other than the home directory, you will have to adjust the command="./gitserve" parameter in authorized_keys.


I could successfully use git-shell directly in the authorizedKeys file without using an additionnal script.

The key is to add \" around the env variable.

Tested in rhel6 openssh-server-5.3p1-70.el6.x86_64:

no-port-forwarding,no-agent-forwarding,command="git-shell -c \"$SSH_ORIGINAL_COMMAND\"" ssh-dss AAAA...

Related

sshfs device is busy
Swap partition size on a 64 GB RAM computer for memory-intensive work
How to generate an MP4 with H.265 codec using FFmpeg?
Can't Copy to Clipboard from Vim
Open browser in host system from Windows Subsystem for Linux?
Is Mac OS X open source?
Taskkill.exe: don't throw an error if the process is not running
Is this definition of BIOS incorrect?
Change Terminal Title in Mac OS X
"sudo: port: command not found" after installing MacPorts on Snow leopard
Is there a command-line method to split a multi-page PDF file into single pages?
Why use CONCATENATE vs & in Excel?