using Qnap as GIT-Server - SSH Problems

published : 2013-11-06 changed: 2017-08-21

category: Computer

tags: git qnap

Linux really rules, especially if you consider the possibilities you get, adding functionalities to linux based gadgets or fix / add missing functionalities.

The latter one is something that also can be said about the Qnap storage system. I use git for my own little software projects. This is cool as a version control system and easy to use - better than SVN or CVS.

So I have my repositories on a share on my qnap. You can mount the share and use git to synchronize stuff, that works fine so fare. But causes problems, when working remotely where you do not want to mount the share in order to be able to push things.

Luckily you can install additional tools on the qnap, git is one of them. And it works fine out of the box, you can use ssh to access git and the repositories.

Unfortunately is the sshd that comes with the qnap somewhat works strange, you can alter the /etc/sshd to what you want, it won't be possible to log in as something else than admin.

I do not want to open some root login to this qnap, no way. So I digged a bit deeper and found out, that the sshd is altered to only allow logins as admin.

But I am root on this machine, so lets hack.

  1. install openssh via the Optware installation frontend. unfortunately this alone does not work, as the installation is not replacing the existing one. So we need to go further
  2. rename original in /usr/sbin: mv sshd sshd.qnap
  3. create link: ln -s /opt/sbin/sshd
  4. alter your sshd_config to your needs
  5. restart sshd (either via the GUI by disabling and re-enabling remote login or via kill the SSHD - Attention, this might and often will kick you out)

ok, now you should be able to log in as someone else than admin.

now you only need to create your repositories to your liking. I created one special share for it (which can also be mounted).

in my case it would be something like: git clone user@qnap:/share/development/git/repo

if you think this might be a security risk, you could set the login shell for that user to git-shell to avoid direkt access of this user.

Happy Hacking

created Stephan Bösebeck (stephan)