Before starting, ensure you can ssh user@targetserver successfully - public/private keys are a smart choice here.
- Setup of repository at
targetserver - Push first working copy
- Lock down SSH user to Git only operations
Example here assumes all Git repository users are members of a gitusers group, adjust to suit.
$ mkdir -p ~/path/to/repository
$ cd ~/path/to/repository
$ git init --bare --shared=group
$ chgrp -R gitusers ~/path/to/repositoryAll done on targetserver.
Note: switch --shared=group used with git init adds core.sharedrepository = 1 to ~/path/to/repository/config.
$ mkdir -p ~/my/new/working/copy
$ cd ~/my/new/working/copy
$ git init
$ touch somefile.txt
$ git add .
$ git commit -m 'Initial commit'
$ git remote add origin user@targetserver:path/to/repository
$ git push -u origin master
$ git fetch
$ git pullOptional step, but very much recommended. Swapping out the default shell for our Git-only SSH user (e.g. /bin/bash) and replacing with git-shell which only permits Git operations for push/pull/fetch.
$ which git-shell
# take note of full path (e.g. /usr/bin/git-shell)
# then edit /etc/passwd for your Git-only SSH user, or simply...
$ usermod -s /path/to/git-shell [git-username]Now SSH login attempts to git-username should be rejected, but Git push/pull operations should be allowed.