This article will explain the steps to establish a private git server on your VPS or dedicated server, with the tutorial of how to connect to the git server in your client, especially on the windows platform with OpenSSH or Putty installed. At last we would try some Git web GUI clients such as Gitlab.
Setup a Git User and Install Git
At first we need to login the server (CentOS in this example) to install Git.
Setup a Git user and set a password for it.
sudo useradd git sudo passwd git
Disallow shell login of git user for more security.
sudo vi /etc/passwd Comment this line: ##git:x:502:502::/home/git:/bin/bash Add this line: git:x:502:502:git version control:/home/git:/usr/bin/git-shell
yum install git
Tips: I have added gitlab repository before and this error occurred:
[Errno -3] Error performing checksumwhen installing git;
ls /etc/yum.repos.dmay show:
CentOS-Base.repo epel.repo gitlab-ce.repo gitlab_gitlab-ce.repo
yum clean allafter
Install git again and the error would disappeared:
yum install git
Generate SSH Key and Setup
Next step we setup the ssh key authorization for git access.
Generate ssh public/private key pair on your computer (Remember putting password on the key file):
Mac/Linux: ssh-keygen -C "firstname.lastname@example.org"
With windows, if Git client (such as Git for Windows, msysGit etc.) was installed, we can use git bash to generate ssh key pair:
ssh-keygen -t rsa
If Putty – a popular ssh client for windows was installed, we can also generate key pair using puttygen.
Open puttygen.exe and click Generate:
Copy the public key for pasting into OpenSSH authorized_keys file which start with “ssh-rsa “. Pls note that the
Save public key button will save the public key in another format which is not we want. Click
Save private key button and save the file to a place.
Public key for git on server
Make sure RSA key authorization is open:
vi /etc/ssh/sshd_config : RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys
Pasting the public key above to the git user’s home directory:
cd /home/git/ mkdir .ssh vi /home/git/.ssh/authorized_keys
On linux like platform, it’s convenient to execute one comment:
cat .ssh/id_rsa.pub | ssh email@example.com "cat >> ~/.ssh/authorized_keys"
Change the owner and permission to avoid “Putty server refused our key” or “putty fatal error connection refused” error in the followed step.
chown -R git.git /home/git/.ssh/ chmod 700 /home/git/.ssh/ chmod 644 /home/git/.ssh/authorized_keys
Private key on local computer
On Mac/Linux based system, private key is there and no need to do with private key anymore.
On Windows based system, however, there are two ways to make the ssh key authorization:
By using OpenSSH, after generating ssh key pair, the default public/private key is there:
C:\Users\Administrator\.ssh, and everything would be right in normal except in one case that you have ever installed TortoiseGIT or TortoiseSVN, who will creates an environment variable that configures Plink as your SSH keystore, which may conflict when you try to use Git and SSH. Git will not find key file in regular .ssh directory. So will find it and remove GIT_SSH variable would solved this problem. In windows 7, you can find it here:
CONTROL PANEL → SYSTEM → ADVANCED SYSTEM SETTINGS → ENVIRONMENT VARIABLES → GIT_SSH = E:\SVN\bin\TortoisePlink.exe or \Putty\plink.exe
We don’t recommend using Putty as it’s more complicated.
After generating key pair we need to set/add GIT_SSH environment variable to Putty Plink.exe, such as:
Then add private key to pageant, open PAGEANT.EXE and click “Add Keys”, add the private key save above which has an extension .ppk. It will asked the password passphrase for key.
To check your connection, switch to the putty installed directory and run Git Bash:
set Git putty git@ip_address_or_host:/gittreponame.git ssh -T git@ip_address_or_host
There is another way just using Putty, make sure GIT_SSH is set to Plink, GIT_SSH = E:\SVN\bin\TortoisePlink.exe for example, config host name or IP address, and port in Putty client, set the .ppk private key file in Connection->SSH->Auth section for authentication, at last save this configuration as a session. When connect with git repository, we can replace the ip_address_or_host with the saved session name. But I have no way to set the password passphrase with this method.
Setup Git Repository
Inside git’s home directory, we create a git repository on the server.
git init --bare my-project.git chown -R git.git my-project.git
On client, setup git profile after run Git Bash
git config --global user.name "Firstname Lastname" git config --global user.email "firstname.lastname@example.org"
Using git server on local client:
If new repository: git init && git remote add origin git@ip_address_or_host:/home/git/my-project.git If repo exist: git remote set-url origin git@ip_address_or_host:/home/git/my-project.git If ssh port is not 22: git remote add origin ssh://git@ip_address_or_host:1234/home/git/my-project.git Check the current remote URL: git remote -v
Commit an push a test.txt file. (If there is problem such as connection refuse, check the ssh error log:
git add . git commit -m "add test.txt" git push origin master
Git web Interface
It’s awesome if we can manage and view codes in our repos in browser. We can install and config a web interface like GitList, which is very easy to install and config, it requires only web server and PHP, MySQL or other databases are not needed at all. However GitList is simple, the project must be public, it doesn’t have rich feature like GitLab, which is written in Ruby.
If self-hosted Git private server or self-hosted GitLab web interface is too complicated, just try GitLab repos hosted in GitLab.com, it’s free, private, has user permission, unlimited repos etc. Login gitlab.com then create repo and add public keys in the dashboard profile field are the most easy work I think. Read more.