Provided by: gotd_0.106-1_amd64 bug

NAME

     gotsh — Game of Trees Shell

SYNOPSIS

     gotsh -cgit-receive-pack repository-pathgotsh -cgit-upload-pack repository-path

DESCRIPTION

     gotsh is the network-facing interface to gotd(8).  It implements the server-side part of the
     Git network protocol used by git(1) and got(1).

     gotsh is not an interactive shell.  gotsh is intended to be configured as the login shell of
     Git repository user accounts on servers running gotd(8).  If users require a different login
     shell, gotsh can be installed in the command search path under the names git-receive-pack
     and git-upload-pack, or gitwrapper(1) can be used to select the appropriate command to run
     automatically.

     The users can then interact with gotd(8) over the network.  When users invoke commands such
     as got send and got fetch on client machines, got(1) will connect to the server with ssh(1).
     gotsh will facilitate communication between gotd(8) running on the server machine and the
     got(1) or git(1) program running on the client machine.

     Users running gotsh should not have access to Git repositories by means other than accessing
     the unix socket of gotd(8) via gotsh.

     It is recommended to restrict ssh(1) features available to users of gotsh.  See the EXAMPLES
     section for details.

ENVIRONMENT

     GOTD_UNIX_SOCKET  Set the path to the unix socket which gotd(8) is listening on.  If not
                       specified, the default path /var/run/gotd.sock will be used.

EXAMPLES

     sshd_config(5) directives such as the following are recommended to protect the server
     machine and any systems reachable from it, especially if anonymous users are allowed to
     connect:

           Match User developer
               DisableForwarding yes
               PermitTTY no

     It can be convenient to add all relevant users to a common group, such as “developers”, and
     then use this group as the Match criteria:

           Match Group developers
               DisableForwarding yes
               PermitTTY no

     Anonymous users can be given public read-only access by using a gotd.conf(5) access rule
     such as the following:

           repository "public" {
                   path "/var/git/public.git"
                   permit ro anonymous
           }

     The anonymous user account should have a publicly known password, or can be set up with an
     empty password in which case the user's vipw(8) entry would look similar to this example:

     anonymous::1002:1002::0:0:Anonymous:/home/anonymous:/usr/local/bin/gotsh

     Use of an empty password must be explicitly allowed in sshd_config(5):

           Match User anonymous
               PasswordAuthentication yes
               PermitEmptyPasswords yes
               DisableForwarding yes
               PermitTTY no

SEE ALSO

     gitwrapper(1), got(1), ssh(1), gotd.conf(5), sshd_config(5), gotd(8)

AUTHORS

     Stefan Sperling <stsp@openbsd.org>