Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
gitlab-ce
Commits
c73eb55d
Commit
c73eb55d
authored
Dec 20, 2017
by
Nick Thomas
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Use the new gitlab-shell authorized-keys helper in documentation
parent
8de1bb9e
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
6 additions
and
28 deletions
+6
-28
GITLAB_SHELL_VERSION
GITLAB_SHELL_VERSION
+1
-1
doc/administration/operations/fast_ssh_key_lookup.md
doc/administration/operations/fast_ssh_key_lookup.md
+5
-27
No files found.
GITLAB_SHELL_VERSION
View file @
c73eb55d
5.1
0.3
5.1
1.0
doc/administration/operations/fast_ssh_key_lookup.md
View file @
c73eb55d
...
...
@@ -25,34 +25,12 @@ GitLab Shell provides a way to authorize SSH users via a fast, indexed lookup
to the GitLab database. GitLab Shell uses the fingerprint of the SSH key to
check whether the user is authorized to access GitLab.
Create the directory
`/opt/gitlab-shell`
first:
```
bash
sudo mkdir
-p
/opt/gitlab-shell
```
Create this file at
`/opt/gitlab-shell/authorized_keys`
:
```
#!/bin/bash
if
[[
"
$1
"
==
"git"
]]
;
then
/opt/gitlab/embedded/service/gitlab-shell/bin/authorized_keys
$2
fi
```
Set appropriate ownership and permissions:
```
sudo chown root:git /opt/gitlab-shell/authorized_keys
sudo chmod 0650 /opt/gitlab-shell/authorized_keys
```
Add the following to
`/etc/ssh/sshd_config`
or to
`/assets/sshd_config`
if you
are using Omnibus Docker:
Add the following to your
`sshd_config`
file. This is usuaully located at
`/etc/ssh/sshd_config`
, but it will be
`/assets/sshd_config`
if you're using
Omnibus Docker:
```
AuthorizedKeysCommand /opt/
gitlab-shell/authorized_keys
%u %k
AuthorizedKeysCommand /opt/
embedded/gitlab-shell/bin/gitlab-shell-authorized-keys-check git
%u %k
AuthorizedKeysCommandUser git
```
...
...
@@ -70,7 +48,7 @@ Confirm that SSH is working by removing your user's SSH key in the UI, adding a
new one, and attempting to pull a repo.
> **Warning:** Do not disable writes until SSH is confirmed to be working
perfectly because the file will quickly become out-of-date.
perfectly
,
because the file will quickly become out-of-date.
In the case of lookup failures (which are not uncommon), the
`authorized_keys`
file will still be scanned. So git SSH performance will still be slow for many
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment