Setting up git user for ssh access

Hello,

I’d like to set up the git user in a way, that it can do push/clone and all necessary git features, but not access the server through ssh in any common way, which it can with default configuration. (I realize this is more a linux issue than gitea-specific, but I hope that here is a good place to ask this nontheless)

Currently, I use the shell /usr/sbin/nologin for the user git, which allows the user to run the gitea application. If I try to ssh into the server, I get this, which is what I had desired:

$ ssh git.myserver.de
PTY allocation request failed on channel 0
This account is currently not available.
Connection to git.myserver.de closed.

However, I can’t use the ssh url to clone a gitea repo for obvious reasons:

$ git clone ssh://git@git.myserver.de/user/repo.git
Cloning into 'repo'...
fatal: protocol error: bad line length character: This

So how would I keep the regular ssh functionality disabled while allowing access to git-specific functionalities? Is there a specific shell that would allow me to accomplish this?

//edit

I think i might have jumped the gun on this and didnt realize that this feature is provided by default with a regular shell. I feel kinda stupid now.

I figure you have already fixed this, but I would like to confirm for you.

I setup my SSH access on Gitea using this guide: https://wiki.archlinux.org/index.php/Gitea#Enable_SSH_Support .

Don’t worry about it being Arch Linux, just do what you do for your own configuration. I did mine on Ubuntu and it works perfectly.

To confirm, yes you will have an SSH-available user, but no, there will be no shell access, even if Gitea is stopped. I confirmed, and there is no access available on SFTP either.

Following the guide I have linked, you should have a fully-working Git interface over SSH, with no access to anything else on the machine.

This means you don’t have shell for you user.
You can try to

cat /etc/passwd

and look at your user.

$ git clone ssh://git@git.myserver.de/user/repo.git
Cloning into 'repo'...
fatal: protocol error: bad line length character: This

I get the same prombem and don’t know how to fix it.
fatal: protocol error: bad line length character: This
Maybe someone know where is the problem?
I use VSCode in my win10 desktop.

Try to use you link, my config sshd_config are here

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#PubkeyAuthentication yes
UsePAM yes
AllowUsers gitea

UsePAM yes
AllowUsers gitea
from link below, but still have
fatal: protocol error: bad line length character: This

1. my error message was “This account is currently not available.”
2. I create user with this options:

adduser --system --group --disabled-password --home /etc/gitea gitea

without any shell.
The right way is:

adduser --system --shell /bin/bash --group --disabled-password --home /etc/gitea gitea

Thats why i can’t get via ssh.