GitoLite 和 Git 可以使用 LDAP 而不是 SSH 密钥吗 [英] Can GitoLite and Git Using LDAP and NOT SSH keys

问题描述

我的公司正在考虑使用 git 和 gitolite，但不想使用 SSH 密钥并像使用 LDAP 一样工作.可以这样做吗??

my firm is looking at using git and gitolite but does not want to use SSH keys and work like to use LDAP.. Can this be done??

我从来没有见过这样做的..我在每个地方都有这个设置，总是使用 SSH 密钥

I never seen this done.. everyplace I have this setup with always used SSH keys

推荐答案

是的，你可以毫无问题地做到这一点.

Yes, you can do it without any issue.

您只需要 Apache 做认证部分 (因为 gitolite 只是一个 授权层)，调用gitolite-shell而不是git-http-backend，REMOTE_USER由Apache设置(以及 由 gitolite-shell).

You simply need your Apache to do the authentication part (since gitolite is only an authorization layer), and call gitolite-shell instead of git-http-backend, with REMOTE_USER set by Apache (and used by gitolite-shell).

请参阅Git with Ldap on Ubuntu with Apache"中的详细示例.

See a detailed example in "Git with Ldap on Ubuntu with Apache".

httpd.conf的主要部分是:

SetEnv GIT_PROJECT_ROOT @H@/repositories
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv GITOLITE_HTTP_HOME @H@
ScriptAlias /hgit/ @H@/sbin/gitolite-shell/
SetEnv GIT_HTTP_BACKEND "@H@/usr/local/apps/git/libexec/git-core/git-http-backend"
<FilesMatch ".(cgi|shtml|phtml|php)$">
  SSLOptions +StdEnvVars
</FilesMatch>
<Location /hgit>
    SSLOptions +StdEnvVars
    Options ExecCGI +FollowSymLinks +SymLinksIfOwnerMatch
    #AllowOverride All
    order allow,deny
    Allow from all
    AuthName "LDAP authentication for Smart HTTP Git repositories"
    AuthType Basic
    AuthBasicProvider myldap companyldap
    AuthzLDAPAuthoritative Off
    Require valid-user
    AddHandler cgi-script cgi
</Location>

(@H@ 只是一个模板值，要替换成你的路径)

(@H@ is just a template value, to be replaced by your path)

这篇关于GitoLite 和 Git 可以使用 LDAP 而不是 SSH 密钥吗的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！