multiuser Hg access w/o shell account?

Mark Reinhold mr at
Wed Jun 6 04:34:55 UTC 2007

> Date: Tue, 05 Jun 2007 18:38:05 -0500
> From: tom.marble at

> The use case I'm trying to work on is Mercurial best practices
> for setting up a multi-user repository.  My assumptions are:
> - I only want to support push via ssh (not http) because
>   of more secure authentication and optional compression
> - I want control of exactly what kind of shell privileges
>   each user has
> - Setting up ssh for password-less operation is understood [1]
> - In reviewing the man page for "hg push" [2] it is clear
>   that a shell account is required for ssh pull/push to work.

Unless you're willing to rely on .htpasswd-like authentication [1].
(Which I'm not.)

> ...
> Are there alternative best practices for multiuser
> commit access via ssh?

Yep.  I've set up some (Sun-internal) hg trees that support multiuser
pushes using the hg-ssh script [2].  Far simpler than hacking rbash,
especially since everyone winds up running under the same user id on
the server.

- Mark


More information about the build-dev mailing list