"Half" ssh authorization to a server with git repository
Posted
by
hsz
on Server Fault
See other posts from Server Fault
or by hsz
Published on 2011-03-14T14:23:45Z
Indexed on
2011/03/14
16:12 UTC
Read the original article
Hit count: 307
Hello !
Currently I have purchased web hosting with ssh access.
I have created a git repository on it and if I set my public key in ~/.ssh/authorized_keys
file, I have access to that repo, I can push/pull data, etc.
This solution allows access for every user that has his public key in authorized_keys
file.
But there is one thing that I want to avoid. Every user can login to the server too and has access to whole ssh account.
Is it possible to create a blacklist of users' keys that will not have an access to ssh ?
I see it that way:
- user logs in to a git - ok, allow for every one
- user logs in to ssh account
~/.profile
file is hooked and called a custom script:- check user's public key
- if public key is in
~/.ssh/blacklist_keys
call bashexit
/logout
Is it possible in any way ?
© Server Fault or respective owner