1

All of our developers run Windows workstations. We run a Linux development server. I've been wanting to try out running our own git server on the dev server.

After some research I've settled on trying to install gitolite. A lot of the tutorials on how to install it are very similar, I've been following this one.

One step that doesn't make much sense to me is that it wants to you generate a public key on the client machine and then upload it to the server and use it like so:

$ gl-setup YourName.pub

I don't understand what this step is for... There are going to be about a dozen client machines that I want to connect to and use the git repos... which machine is "the client" machine? Do I need to do this step more than once, one for each client machine? What happens when I need to add a new client machine later? Why is this step necessary?

I assume the keys are so that client machines can authenticate with the server without having to put in a login/password? Can't I just setup a login/password system that client workstations would use to access the git repos? Can I just integrate our LDAP logins? Are the public keys necessary?

Also, we are running Windows workstations, not linux, so generating public keys isn't as straightforward as just installing openssl and doing it.

It seems like installing something like this should be more straightforward...

Jake Wilson
  • 8,814
  • 29
  • 97
  • 125

2 Answers2

2

You need to generate/add the key for each user/client machine combination that will be using gitolite. The keys get copied into your gitolite-admin/keydir directory (I use a $USERNAME-$HOSTNAME-id_rsa.pub naming convention-- not sure if that's required but it works for me). Once youve added the keys to the keydir directory then you need to update the gitolite-admin/conf/gitolite.conf file to set up the appropriate projects/user access (using $USERNAME-$HOSTNAME-id_rsa as the naming convention).

Once that is done, you can do the git add conf keydir, commit -m "blah blah blah", and git push origin master dance and, if all goes well, the apropriate users should be able to access the appropriate git repos on your server.

Edit: I don't recall what git client setup the windows users are using but it has all the pieces to generate their keys (they aren't available so I can't ask them). It did take me a couple of tried to get it figured out & working but it appears to work well once set up.

gsiems
  • 546
  • 5
  • 8
  • Is there no way just to setup a simple login for accessing the repo? Like when I need to add a new user I can simply just create a new user and then goto that person and say "here is your login for the server" instead of jumping through a bunch of hoops generating keys just to give them access... Also, lets say one user is across the country working remotely and they don't understand how to generate keys for their computer and the git admin isn't local to do it for them. How do you approach this problem? – Jake Wilson Nov 17 '11 at 20:14
0

Gitolite only uses one user, usually gitolite on the server to authenticate. This is why you add the other users public keys to the gitolite keydir directory to add users. In the official docs you can see that gitolite is (usually) heavily dependent on ssh. http://sitaramc.github.com/gitolite/gl_ssh.html.

slillibri
  • 1,643
  • 1
  • 9
  • 8
  • Are there any git servers out there that just use a simple login/password authentication scheme? Maybe something that uses `web_dav` like SVN can? – Jake Wilson Nov 17 '11 at 20:27
  • There are docs here http://sitaramc.github.com/gitolite/http.html for using Gitolite with HTTP. I haven't ever set this up, I have always just used ssh. Generating public keys on windows workstations is pretty straight forward using puttygen, then using pageant for authentication. I've done this many times for SVN access for developers on windows workstations. – slillibri Nov 17 '11 at 20:38