There is no ‘unrestricted’ access, unless you’ve configured it that way. If you mark a repository as ‘private’, it will only be accessible to logged-in users who have been given permission to see it. This is true for access via the Git protocols (what you refer to as ‘linux console (terminal)’), and for the web interface.
While it is probably possible to disable Git-over-SSH access to your Gitea server, disabling Git-over-HTTPS would be more difficult. Since it’s also not possible to ‘clone’ a repository via the web interface, I don’t think your goal is achievable.