Re: How does gitosis know who the key belongs to

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2009/9/25 Howard Miller <howard@xxxxxxxxxxxxxxxxxxx>:
> Hi,
>
> I don't really understand the answers I have been given. Trying
> desperately not to "top post" see bellow...
>
> 2009/9/24 Matthieu Moy <Matthieu.Moy@xxxxxxxxxxxxxxx>:
>> Heiko Voigt <hvoigt@xxxxxxxxxx> writes:
>>
>>> On Thu, Sep 24, 2009 at 03:51:44PM +0100, Howard Miller wrote:
>>>> Gitosis obviously uses keypairs but the config file addresses the user
>>>> by name/host. How does gitosis connect the two together? Is it any
>>>> more complicated than the user detail at the end of the public key?
>>
>> The user@host at the end of the public key is mostly a comment. No
>> serious software would use it for authentication, since you can freely
>> edit it without changing the rest of the key.
>>
>>> Not much different. It uses the command feature of the authorized_keys
>>> file of ssh to limit access to the 'gitosis-serve' command which is
>>> given the username from the gitosis.conf as argument.
>>
>> ... the username -> key association being done in gitosis's
>> configuration itself (the key held in keydir/foobar is the one of user
>> foobar).
>
>
> Yes, I realise that the association is done im gitosis' config file,
> but that is exactly my question - how does that association work?
>
> To take a step back - I have to put a name (or a name@hostname) in the
> configuration file. How do I know what that should be in the general
> sense? When I create a key it doesn't ask me for the username I want
> so I see a disconnect here. Do I put a name, do I put name@hostname,
> does it matter and (again) how does it know which is 'my' public key?
> Is it the naming convention of the key or something magic? Plus, when
> I actually use gitosis, I am logging as the user 'git' so how does it
> know who I am? I am thoroughly confused by the whole thing. I'm
> probably missing something really obvious but, AFAIK, this is not
> covered at all in the docs.
>
> Thanks!
>
> Howard
>


Ahh... just read Heiko's post properly and actually looked at the
authorized_keys file. This is now starting to make some sense. So the
name in config has to match that sent to gitosis-server presumably. I
still don't quite see the cause and effect. If I don't like being
howard@xxxxx and would rather be just 'howard' what can I change? It
tells me not to edit that file!
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]