Corporate Git – sshd

July 25th, 2010


Start the Secure Shell Daemon (sshd) service on Windows

This will allow users on remote computers to log in to your box, get an interactive shell and do whatever they want. Or rather whatever you allow them to do. Remember? User “git” is not an admin…

There is a nice guide with a lot of troubleshooting info here.

In a nutshell. Start a Cygwin Shell window.

$ ssh-host-config -y

When prompted for “CYGWIN=”, type “tty ntsec”.

I do not allow login by password, only the public-key method. See below. So change the related line in “/etc/sshd_config” like this:

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no

Finally start the service:

cygrunsrv --start sshd

Administering users with public-key authentication

Master Foo wants to log in remotely to your box’s “git” account.
He sends you his public RSA key in any way, email, pen-drive, whatever YOU trust.
If you find Master Foo worthy, you authorize his key, and from then he will be able to log in to your “git” account via ssh without typing git’s password:

$ cat >> /home/git/.ssh/authorized_keys
Comments are closed.