GitoLite 和 Git 可以使用 LDAP 而不是 SSH 密钥吗 [英] Can GitoLite and Git Using LDAP and NOT SSH keys
问题描述
我的公司正在考虑使用 git 和 gitolite,但不想使用 SSH 密钥并像使用 LDAP 一样工作.可以这样做吗??
my firm is looking at using git and gitolite but does not want to use SSH keys and work like to use LDAP.. Can this be done??
我从来没有见过这样做的..我在每个地方都有这个设置,总是使用 SSH 密钥
I never seen this done.. everyplace I have this setup with always used SSH keys
推荐答案
是的,你可以毫无问题地做到这一点.
Yes, you can do it without any issue.
您只需要 Apache 做认证部分 (因为 gitolite 只是一个 授权层),调用gitolite-shell
而不是git-http-backend
,REMOTE_USER
由Apache设置(以及 由 gitolite-shell代码>
).
You simply need your Apache to do the authentication part (since gitolite is only an authorization layer), and call gitolite-shell
instead of git-http-backend
, with REMOTE_USER
set by Apache (and used by gitolite-shell
).
请参阅Git with Ldap on Ubuntu with Apache"中的详细示例.
See a detailed example in "Git with Ldap on Ubuntu with Apache".
httpd.conf
的主要部分是:
SetEnv GIT_PROJECT_ROOT @H@/repositories
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv GITOLITE_HTTP_HOME @H@
ScriptAlias /hgit/ @H@/sbin/gitolite-shell/
SetEnv GIT_HTTP_BACKEND "@H@/usr/local/apps/git/libexec/git-core/git-http-backend"
<FilesMatch ".(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Location /hgit>
SSLOptions +StdEnvVars
Options ExecCGI +FollowSymLinks +SymLinksIfOwnerMatch
#AllowOverride All
order allow,deny
Allow from all
AuthName "LDAP authentication for Smart HTTP Git repositories"
AuthType Basic
AuthBasicProvider myldap companyldap
AuthzLDAPAuthoritative Off
Require valid-user
AddHandler cgi-script cgi
</Location>
(@H@
只是一个模板值,要替换成你的路径)
(@H@
is just a template value, to be replaced by your path)
这篇关于GitoLite 和 Git 可以使用 LDAP 而不是 SSH 密钥吗的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!