2

We have a web server which contains a web application stored as a github project. Now all of us can push from our local machines to github and then pull from the web server.

Sometimes we want to make small changes on the web server and immediately see the effect so it would be great to be able to push from the web server too.

Now I created an ssh key for the server but I don't want to add the servers ssh key to my github account because then all github actions done from the server are counted to my account. I also don't want to copy my private key to the server obviously.

Is it possible to add the ssh key of the web server to the github web application project without creating a new user for the server and what is the best practice for this situation?

Improve this question

2 Answers 2

Reset to default
2

SSH keys are per-account on github (and everywhere else) and you neither want an account for the server nor attach the server to one of the personal accounts.

I take it you have only one account for everybody on the web server to edit the git repo / web application. Otherwise you wouldn't have the restriction of a single key for the server.

So if you really want to push from the server directly to github, you have to create different logins/user on the web server and then login as one of these users to push to github.

You have to make sure that all of these users have write access to the .git folder and every file created by git will retain this access.

My idea would be to force a group git for the whole repository with

chgrp -R git <git repo dir>
chmod -R g+s <git repo dir>

and then force write access per default for new files for that group with

setfacl -R -m d:g:git:rwX

This would be my solution for a linux web server with ACLs. In case you have a windows web server you can do the same, but you obviously have to do that in the GUI or use other commands.

In terms of github/ssh configuration you would create an ssh key for every user on the web server and every user adds them to their personal git user account. You still should not copy the private key from your machine to the web server.

Improve this answer
0
1

Please never have several users with the same account. It just leads to washing out of responsibilities.

Improve this answer
1
  • 1
    most rules have exceptions which make "never" and "always" overly strong words.
    – Sirex
    Commented Jan 15, 2013 at 19:52

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .