PDA

View Full Version : adding a local user to my linux machine



leeds
4th March 2012, 05:52 PM
Hi All: I'm trying to add a user to my computer ( I'm not on a network. I want to
add a git user in order to set up a git repository on my local machine ) and I've added
myself ( markleeds ) to the sudoers file and that seems to work fine.

the instructions in the pro git book for adding the git user are the following:

1) su adduser git
2) su git
3) cd
4) mkdir .ssh

but, when I type the second command, I get prompted for a password which
clearly isn't the root password because I tried that. if anyone can tell me how
I can stop being prompted for a password, it's appreciated. I'm running fedora
16.0. Thanks.

mark

jpollard
4th March 2012, 06:16 PM
If you are trying to switch to the git user (including the git user environment) then you need to use "su -".

There is no need to create the .ssh directory (unless you are not using ssh as the git user). It will be created as needed by ssh. Note: if you do manually create it it will need the proper label to be set: "chcon -t ssh_home_t .ssh"

leeds
5th March 2012, 01:14 AM
Thank you for your reply jpollard. I am putting the exact statement from the Pro Git book below because maybe there some other way of doing it. I tried su -c but that didn't work.

#================================================= ==========

Start quoting from book.

"Setting up the Server: "

Let's walk through setting up SSH access on the server side. In this example, you'll use the authorized_
keys method for authenticating your users. I also assume that you're running a standard Linux
distribution such as Ubuntu. First you create a git user and an .ssh directory for that user.

$ sudo adduser git
$ su git
$ cd
# mkdir .ssh

End quoting from Pro Git book.

#================================================= =======

If I only need the first command ( and not the next three ), then that first command didn't give me an error but how can I check that there really is a git user after I do that command. thanks a lot for
your patience. It's much appreciated.

PabloTwo
5th March 2012, 01:33 AM
...but how can I check that there really is a git user after I do that command.

grep git /etc/passwd
ls /home

leeds
5th March 2012, 02:12 AM
thank you pablo. it worked. last bother:


the grep returns git:x:501:501::/home/git:/bin/bash.

are the numbers the password ? thanks.

PabloTwo
5th March 2012, 02:16 AM
No, the /etc/passwd file does not contain any "passwords". The numbers are the user and group ID's of the user.
uid=501 and gid=501 for user git. In earlier Fedora releases, regular user id's start at 500. With F16 (possibly F15?) user id's begin at 1000. Use the "id" command to see your uid/gid, which will be 500 and 500.

leeds
5th March 2012, 02:22 AM
thanks pablo. that's really helpful. the reason I'm setting this up is because I want to set up
a local repository for git. but, I notice that I have to be root to get into that git directory. is that
going to cause a problem if I try to use git@whiskserver.com:/opt/git/project.git as a place where someone can push their project ? I really hate to bother you like this. All I can say is that it's really appreciated. I can pay you some consulting fee for help if you want to go off fedora forum to markleeds2@gmail.com. thanks.

PabloTwo
5th March 2012, 02:39 AM
What "git directory"? Do you mean /home/git? If you mean the /home/git directory, then yes, only users root and git can access that directory. I've never set up a local git directory, so I'm not the one to ask for advice on that matter. There should be ample tutorials available on the internet to learn such information, or some Fedora forum users who have experience with that may see your thread here and lend some helpful advice.

---------- Post added at 08:39 PM ---------- Previous post was at 08:34 PM ----------

You could, as root, change permissions on the /home/git directory:

chmod 770 /home/git
Then, any user that was a member of the group "git" would have read/write access to /home/git.

leeds
5th March 2012, 02:52 AM
hi pablo. here's the link in case you are interested. thank you for all the great help.

http://progit.org/book/ch4-4.html

marko
5th March 2012, 03:30 AM
A few other good ways to confirm the existence of a user:



id -a username
finger username

leeds
5th March 2012, 03:44 AM
thank you pablo. it's much appreciated.

jpollard
5th March 2012, 02:23 PM
I would suggest using "ssh git@localhost" to login as the git user.

You can verify that git is the user (id),

Then to start things off you can use "scp <you>@localhost:<public key> .ssh/authorized_keys" to get the first public key. The ssh connection will create the .ssh directory, and add the localhost as the first "known host", and the scp will create the authorized_keys file with one entry. All others can be appended.

You actually don't need the public key if you are the only one. It is just nice not having to enter the git password. Other than that, it is no different than giving everyone access by giving them the password (the users private key becomes equivalent, the only thing preventing them from changing the git password is needing to know the old password first... and there are ways to capture that though it might take a while)

leeds
5th March 2012, 04:19 PM
Dear JPollard: Thank you very much for your helpful reply. I haven't been working on it at
the moment because I asked a friend to send me his public key so I could do a test but he hasn't responded. I think you are saying that I can test the repository myself without a public key ?

I will follow your instructions and let you know how it goes. Your help is much appreciated.

jpollard
5th March 2012, 05:38 PM
I believe you can - as I understand it, git uses ssh to connect, and that protocol has both PKI capability and password. If it doesn't have your password/public key, then it will as for the git login password.

leeds
5th March 2012, 05:40 PM
Thanks JPollard. I've gotten side tracked and have to do some errands but when I try it, I'll
let you know. If you want to go offline and consult for me on this ( assuming I need help which
I probably will ) , my email is markleeds2@gmail.com. Thanks.

PabloTwo
5th March 2012, 06:54 PM
I had a look at the guide you linked to. What it's doing is having you put the public ssh key from each user who is going to be authorized to access the git repo into the /home/git/.ssh/authorized_keys file. What the guide isn't telling you is how to generate an ssh key pair (I guess it assumes you already know how or have already had each user do so).

Each user who is going to access the git repo needs to have run, at a minimum,

$ ssh-keygen -t rsa
That will generate an ssh key pair, a private key and a public key (id_rsa and id_rsa.pub) It's the id_rsa.pub file from each user that is then appended into the /home/git/.ssh/authorized_keys file. Wtih that, the users should then be able to ssh into the git user account without having to type a password.

Speaking of which, you haven't mentioned setting a password for the git user you created. To do that, as root:

passwd git
enter a password for git (in the blind)
enter the password a second time when prompted (again, in the blind)
If you had switched to root and then created the /home/git/.ssh directory, then that directory would be owned by root, not user git. If that's the case, correct that with:

chown -R git:git /home/git
I see the guide sets up the actual git repo in /opt/git/

leeds
5th March 2012, 07:07 PM
thanks pablo: something came up so I can't work on this at the moment but I'll try it definitely
as soon as time permits. It's so kind of you to go into so much detail and to read the link that
I sent. If I ever get it close to working and you want to push a dummy project to see if it git works,
that would be really appreciated. I just can't do anything right now because I have to leave. Thanks
again and if you're ever interested in consulting on this, you have my email address.

mark