mirror of
https://github.com/nicolabs/git-server-docker.git
synced 2026-04-09 23:49:56 +02:00
Fixed ssh keys bug
This commit is contained in:
Akuario
parent
35caf76a48
commit
af446d2633
|
|
@ -19,6 +19,8 @@ WORKDIR /git-server/
|
||||||
# Con -D no creamos password, con -s le cambiamos la shell
|
# Con -D no creamos password, con -s le cambiamos la shell
|
||||||
RUN mkdir /git-server/keys \
|
RUN mkdir /git-server/keys \
|
||||||
&& adduser -D -s /usr/bin/git-shell git \
|
&& adduser -D -s /usr/bin/git-shell git \
|
||||||
|
#&& adduser -D git \
|
||||||
|
&& echo git:12345 | chpasswd \
|
||||||
&& mkdir /home/git/.ssh
|
&& mkdir /home/git/.ssh
|
||||||
|
|
||||||
COPY sshd_config /etc/ssh/sshd_config
|
COPY sshd_config /etc/ssh/sshd_config
|
||||||
|
|
|
||||||
19
sshd_config
19
sshd_config
|
|
@ -16,15 +16,15 @@
|
||||||
#ListenAddress ::
|
#ListenAddress ::
|
||||||
|
|
||||||
# The default requires explicit activation of protocol 1
|
# The default requires explicit activation of protocol 1
|
||||||
Protocol 2
|
#Protocol 2
|
||||||
|
|
||||||
# HostKey for protocol version 1
|
# HostKey for protocol version 1
|
||||||
#HostKey /etc/ssh/ssh_host_key
|
#HostKey /etc/ssh/ssh_host_key
|
||||||
# HostKeys for protocol version 2
|
# HostKeys for protocol version 2
|
||||||
HostKey /etc/ssh/ssh_host_rsa_key
|
#HostKey /etc/ssh/ssh_host_rsa_key
|
||||||
HostKey /etc/ssh/ssh_host_dsa_key
|
#HostKey /etc/ssh/ssh_host_dsa_key
|
||||||
HostKey /etc/ssh/ssh_host_ecdsa_key
|
#HostKey /etc/ssh/ssh_host_ecdsa_key
|
||||||
HostKey /etc/ssh/ssh_host_ed25519_key
|
#HostKey /etc/ssh/ssh_host_ed25519_key
|
||||||
|
|
||||||
# Lifetime and size of ephemeral version 1 server key
|
# Lifetime and size of ephemeral version 1 server key
|
||||||
#KeyRegenerationInterval 1h
|
#KeyRegenerationInterval 1h
|
||||||
|
|
@ -46,12 +46,13 @@ HostKey /etc/ssh/ssh_host_ed25519_key
|
||||||
#MaxAuthTries 6
|
#MaxAuthTries 6
|
||||||
#MaxSessions 10
|
#MaxSessions 10
|
||||||
|
|
||||||
#RSAAuthentication yes
|
RSAAuthentication yes
|
||||||
PubkeyAuthentication yes
|
PubkeyAuthentication yes
|
||||||
|
|
||||||
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
|
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
|
||||||
# but this is overridden so installations will only check .ssh/authorized_keys
|
# but this is overridden so installations will only check .ssh/authorized_keys
|
||||||
AuthorizedKeysFile .ssh/authorized_keys
|
AuthorizedKeysFile .ssh/authorized_keys
|
||||||
|
#AuthorizedKeysFile /home/git/.ssh/authorized_keys
|
||||||
|
|
||||||
#AuthorizedPrincipalsFile none
|
#AuthorizedPrincipalsFile none
|
||||||
|
|
||||||
|
|
@ -76,13 +77,13 @@ PasswordAuthentication no
|
||||||
#ChallengeResponseAuthentication yes
|
#ChallengeResponseAuthentication yes
|
||||||
|
|
||||||
# Kerberos options
|
# Kerberos options
|
||||||
#KerberosAuthentication no
|
KerberosAuthentication no
|
||||||
#KerberosOrLocalPasswd yes
|
#KerberosOrLocalPasswd yes
|
||||||
#KerberosTicketCleanup yes
|
#KerberosTicketCleanup yes
|
||||||
#KerberosGetAFSToken no
|
#KerberosGetAFSToken no
|
||||||
|
|
||||||
# GSSAPI options
|
# GSSAPI options
|
||||||
#GSSAPIAuthentication no
|
GSSAPIAuthentication no
|
||||||
#GSSAPICleanupCredentials yes
|
#GSSAPICleanupCredentials yes
|
||||||
|
|
||||||
# Set this to 'yes' to enable PAM authentication, account processing,
|
# Set this to 'yes' to enable PAM authentication, account processing,
|
||||||
|
|
@ -128,7 +129,7 @@ Subsystem sftp /usr/lib/ssh/sftp-server
|
||||||
# the following are HPN related configuration options
|
# the following are HPN related configuration options
|
||||||
# tcp receive buffer polling. disable in non autotuning kernels
|
# tcp receive buffer polling. disable in non autotuning kernels
|
||||||
#TcpRcvBufPoll yes
|
#TcpRcvBufPoll yes
|
||||||
|
|
||||||
# disable hpn performance boosts
|
# disable hpn performance boosts
|
||||||
#HPNDisabled no
|
#HPNDisabled no
|
||||||
|
|
||||||
|
|
|
||||||
5
start.sh
5
start.sh
|
|
@ -4,9 +4,10 @@ cd /home/git
|
||||||
|
|
||||||
# Si hay alguna clave pública en la carpeta de keys
|
# Si hay alguna clave pública en la carpeta de keys
|
||||||
if [ "$(ls -A /git-server/keys/)" ]; then
|
if [ "$(ls -A /git-server/keys/)" ]; then
|
||||||
cat /git-server/keys/*.pub > .ssh/authorized_keys
|
cat /git-server/keys/*.pub >> .ssh/authorized_keys
|
||||||
chown -R git:git .ssh
|
chown -R git:git .ssh
|
||||||
chmod -R a=rw+X,o-w .ssh
|
chmod 700 .ssh
|
||||||
|
chmod -R 600 .ssh/*
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Bandera -D para que no se ejecute como demonio
|
# Bandera -D para que no se ejecute como demonio
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue