Mercurial Mercurial > mercurial / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mercurial/helptext/hg-ssh.8.txt
author Matt Harbison <matt_harbison@yahoo.com>
Tue, 06 Sep 2022 15:08:52 -0400
branchstable
changeset 49490 37debd850c16
parent 46819 d4ba4d51f85f
permissions -rw-r--r--
packaging: update dulwich to drop the certifi dependency on Windows The presence of `certifi` causes the system certificate store to be ignored, which was reported as a bug against TortoiseHg[1]. It was only pulled in on Windows because of `dulwich`, which was copied from the old TortoiseHg install scripts, in order to support `hg-git`. This version of `dulwich` raises the minimum `urllib3` to a version (1.25) that does certificate verification by default, without the help of `certifi`[2]. We already bundle a newer version of `urllib3`. Note that `certifi` can still be imported from the user site directory, if installed there. But the installer no longer disables the system certificates by default. [1] https://foss.heptapod.net/mercurial/tortoisehg/thg/-/issues/5825 [2] https://github.com/jelmer/dulwich/issues/1025

========
 hg-ssh
========

----------------------------------------
restricted ssh login shell for Mercurial
----------------------------------------

:Author:         Thomas Arendsen Hein <thomas@intevation.de>
:Organization:   Mercurial
:Manual section: 8
:Manual group:   Mercurial Manual

.. contents::
   :backlinks: top
   :class: htmlonly
   :depth: 1

Synopsis
""""""""
**hg-ssh** repositories...

Description
"""""""""""
**hg-ssh** is a wrapper for ssh access to a limited set of mercurial repos.

To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8):
command="hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4" ssh-dss ...
(probably together with these other useful options:
no-port-forwarding,no-X11-forwarding,no-agent-forwarding)

This allows pull/push over ssh from/to the repositories given as arguments.

If all your repositories are subdirectories of a common directory, you can
allow shorter paths with:
command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2"

You can use pattern matching of your normal shell, e.g.:
command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}"

You can also add a --read-only flag to allow read-only access to a key, e.g.:
command="hg-ssh --read-only repos/\*"

Bugs
""""
Probably lots, please post them to the mailing list (see Resources_
below) when you find them.

See Also
""""""""
|hg(1)|_

Author
""""""
Written by Olivia Mackall <olivia@selenic.com>

Resources
"""""""""
Main Web Site: https://mercurial-scm.org/

Source code repository: https://www.mercurial-scm.org/repo/hg

Mailing list: https://www.mercurial-scm.org/mailman/listinfo/mercurial/

Copying
"""""""
Copyright (C) 2005-2016 Olivia Mackall.
Free use of this software is granted under the terms of the GNU General
Public License version 2 or any later version.

.. include:: common.txt
mercurial