
What permissions should be assigned for the "git" user in gitolite


I set up git and gitolite with some help from members on this forum and using these instructions:

https://github.com/sitaramc/gitolite

In the instructions one of the requirements is:

a dedicated userid to host the repos (in this document, we assume it is 'git'), with shell access ONLY by 'su - git' from some other userid on the same server.

Are these the correct permissions shown below?

sudo chown git /home/git
sudo chmod -R 755 /home/git

...or are there more appropriate settings to provide necessary security and functionality?


Solution

  • Yes and no:

    For /home/git, 700 would work too if you want something "more secure".

    But you don't have to protect everything the same way within the git homedir, especially the .ssh directory.

    The main point is to avoid '+gw' and '+ow' on /home/git itself: if 'group' or 'others' are writable, ssh won't work (the ssh daemon will refuse to consider /home/git/.ssh content).

    See "Creating SSH keys for Gerrit and Hudson" as an example of appropriate ssh protections.
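
A check for the condition the answer describes, as an added example that is not part of the original answer or of gitolite: it reports any of the home directory, `.ssh`, or `authorized_keys` that is group- or other-writable. The function names are hypothetical, and including `authorized_keys` assumes sshd's default `StrictModes` behaviour, which checks that file as well.

```shell
#!/bin/sh
# Added example: audit a hosting user's home for the group/other write bits
# that make sshd ignore the keys under .ssh.
# Typical call (path taken from the question): check_ssh_perms /home/git

# Print the path if it exists and has the g+w or o+w bit set.
# -H follows a symlink given on the command line, so a symlinked .ssh is
# judged by its target's mode, not by the link's own mode.
loose_path() {
    [ -e "$1" ] || return 0
    find -H "$1" -prune \( -perm -020 -o -perm -002 \) -print
}

# check_ssh_perms HOME_DIR
# Prints each offending path, one per line.
# Returns 0 when nothing is loose, 1 otherwise.
check_ssh_perms() {
    home=$1
    bad=$(
        for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
            loose_path "$p"
        done
    )
    if [ -n "$bad" ]; then
        printf '%s\n' "$bad"
        return 1
    fi
    return 0
}
```

Both 755 and 700 on the home directory pass this check; 775 or 777 do not.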