-- markdown -- # subssh #
Author: Esa-Matti Suuronen <esa-matti aet suuronen dot org>
Subssh is a bare minimal shell for exposing minimal amount of commands for untrusted users. Eg. if you want to restrict users' access to svn- Mercurial- or/and git-repositories only.
## Features ##
Multiple users can use single account. - Users are distinguished by public SSH-keys in ~/.ssh/authorized_keys file. - Keys can be managed from the shell.
Easily extendable. [Example](http://bitbucket.org/epeli/subssh/src/tip/subssh/app/example.py).
Version control management (Git, Mercurial and Subversion are supported). - Users can create, delete, fork and rename repositories. - Permissions management. Users can set who can read/write their
- Repository publishing. Users can make their repositories public using some web interface (eg. gitweb, websvn). Not included. Subssh just makes symlinks to a configured repository when user decides to publish a repository
Subssh is inspired by [GitHub][h], [Gitosis][s], [YouSource (Verso)][y] and [CherryPy][c] (for the extension system).
## Requirements ##
- Should work with Python 2.4, 2.5 and 2.6. Mostly tested with 2.5.
- OpenSSH server. Well, subssh can be run locally, but there's really no point doing that...
- Git (for the Git app).
- Mercurial (for the Mercurial app).
- Subversion (for the Subversion app).
## Installing ##
No releases are made yet, but you can try installing from git-repository.
Since is there is only a development version available, usage of a Python [virtualenv][e] is highly recommended. In Debian based distros it can be found from python-virtualenv -package.
$ virtualenv subsshenv $ source subsshenv/bin/activate
If you have also [setuptools][t] installed you can install the tip (latest version in repository) with easy_install:
$ easy_install http://bitbucket.org/epeli/subssh/get/tip.tar.bz2
Otherwise you can install it manually:
$ hg clone http://bitbucket.org/epeli/subssh/ $ cd subssh $ python setup.py install
## Usage ##
Just run subssh and type help.
### Usage over SSH ###
Add a public key with subssh-admin
$ subssh-admin --add-key desired_username ssh-rsa AAAmyekeyhere...
and login with that key.
## Example session ##
Created new repository 'myrepo'
- = r
me = rw
Anonymous web view is disabled
- Read/Write ssh://firstname.lastname@example.org/myrepo.git
- = r
me = rw myfriend = rw
Anonymous web view is enabled
- Read/Write ssh://email@example.com/myrepo.git Anonymous read http://subsshserver.example.com/repo/myrepo.git Web view http://subsshserver.example.com/viewgit/?a=summary&p=myrepo.git