Gitlab 7.8.4 unable to push with SSH or HTTPS - gitlab

Our setup:
Gitlab CE
Gitlab 7.8.4
Git-shell: 2.5.4
Gitlab API: v3
Ruby: 2.1.5p273
Rails: 4.1.1
This is test is on a private repository owned by the same user that is trying to push to it (user is admin). Environment check is clean with no errors. Same error whether we try HTTPS or SSH. SSH worked before the upgrade.
Error:
git push -u origin master
/usr/local/lib/ruby/2.1.0/json/common.rb:155:in `parse': 757: unexpected token at 'false' (JSON::ParserError)
from /usr/local/lib/ruby/2.1.0/json/common.rb:155:in `parse'
from /home/git/gitlab-shell/lib/gitlab_access_status.rb:13:in `create_from_json'
from /home/git/gitlab-shell/lib/gitlab_net.rb:34:in `check_access'
from /home/git/gitlab-shell/lib/gitlab_shell.rb:25:in `exec'
from /home/git/gitlab-shell/bin/gitlab-shell:16:in `<main>'
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Similar issue:
https://gitlab.com/gitlab-org/gitlab-ce/issues/838
It would appear that we have proper access via HTTPS and SSH, but something on the server, perhaps with git-shell is not right.
What we've done so far:
sudo -u git -H bundle exec rake gitlab:shell:setup RAILS_ENV=production
Made sure 'AllowUsers git' was in sshd_config
ssh-keygen -A
ssh-keygen: generating new host keys: ED25519
Tried different version of git-shell back to 2.2.0.
# ssh git#gitlab.domain.com
PTY allocation request failed on channel 0
Welcome to GitLab, Anonymous!
Connection to gitlab.domain.com closed.

As Geoff pointed out, my issue was a badly configured gitlab-shell/config.yml. Once the type for gitlab_url was corrected, we were able to push and pull without any issues with HTTPS and SSH.

Related

Can't interact with github

My laptop runs arch linux. I wanted to use github to backup my project. In the beginning everything worked fine, I was able to push the first two commits.
Then I wanted to push the third commit but it took forever. From then on every communication (push, pull, clone etc. on multiple repositories) with the remote repository took forever and ended with the error: fatal: could not read from remote repository. There was one exception where i was able to push. Afterwards it was the same again.
The ssh authentication is working. ssh git#github.com delivers the expected response. (ssh -T git#github.com takes forever and is not successful - is this relevant?)
There are a few similar threads but I haven't found a working answer.
What i have already tried:
Checked remote repository (git remote -v): -- is correct
Started ssh-agent and added key (eval `ssh-agent`, ssh-add)
Forcing ssh to use IPv4 (in ~/.ssh/config: AddressFamily inet)
Removed git enviroment variable (unset GIT_SSH)
Tried multiple keys (rsa, ed25519) with/without password
Used the url wiht ssh:// scheme (ssh://git#yourhost:port/path/repo.git)
Updated git
Complete update of the os
Credential helper disabled (git config --global --unset credential.helper)
Checked credentials (git config --global user.name , git config --global user.email)
I even tried to trace the git pull:
GIT_TRACE=2 GIT_TRACE_PACK_ACCESS=2 GIT_TRACE_PACKET=2 GIT_TRACE_PERFORMANCE=2 GIT_TRACE_SETUP=2 git push -u origin main --verbose
With the result:
14:10:30.980851 trace.c:312 setup: git_common_dir: .git
14:10:30.980857 trace.c:313 setup: worktree: /home/alex/Entwicklung/NetCore/ActivityTrackerPC
14:10:30.980863 trace.c:314 setup: cwd: /home/alex/Entwicklung/NetCore/ActivityTrackerPC
14:10:30.980868 trace.c:315 setup: prefix: (null)
14:10:30.980872 git.c:460 trace: built-in: git push -u origin main --verbose
Push nach github.com:2kHammer/ActivityTracker.git
14:10:30.984208 run-command.c:655 trace: run_command: unset GIT_PREFIX; ssh git#github.com 'git-receive-pack '\''2kHammer/ActivityTracker.git'\'''
Then it hangs until the error occures.
For now i copied the project to my raspberry und pushed from there. There it worked without problems.
I am really desperate, git is an essential tool.
Try to re add your ssh key to your ssh agent
ssh-add ~/.ssh/id
where id is the ssh key is the key associated with your github repository

git clone from internal gitlab repository doesn't work unless I'm running as root

I'm trying to clone an internal gitlab repository, but it keeps giving me this error message
fatal: unable to access 'https://gitlab**************.git/': gnutls_handshake() failed: Error in the pull function.
But somehow, if I'm running as root, the cloning process would run perfectly.
The problem is, I needed this to work because I'm trying to use this repository on Jenkins.
Can someone help me or explain why it only worked if I'm running as root?
root uses the same version of git and curl.
But it does not use the same:
global git config: compare the output of git config --global -l in both instances (root and regular user account).
environment configuration (type env in both cases, and compare the environment variables)
In particular, look for sslcainfo (git config --global -l|grep -i ssl) which could reference the certificate needed to contact through TLS your on-premise HTTPS GitLab URL.

gnutls_handshake() failed: Handshake failed GIT

Everything was working fine but suddenly I am getting the error:
fatal: unable to access
'https://username#bitbucket.org/name/repo_name.git/':
gnutls_handshake() failed: Handshake failed
I am getting this on my computer as well as an EC2 instance. When I tried on another computer then it is working fine there.
I have tried many solutions from Stackoverflow and from other forums. but nothing worked!
On the computer, os is Linux mint 17 and on EC2 instance, Ubuntu 14.04.6 LTS.
What can be the issue and what should I do to fix this issue?
Ran into the same issue on a server with Ubuntu 14.04, and found that on Aug 24, 2020 bitbucket.org changed to no longer allow old ciphers, see https://bitbucket.org/blog/update-to-supported-cipher-suites-in-bitbucket-cloud
This affects https:// connections to bitbucket, but does not affect ssh connections, so the quickest solution for me was to add an ssh key to bitbucket, and then change the remote from https to ssh.
The steps to change the remote I found from here, and they are essentially:
# Find the current remote
git remote -v
origin https://user#bitbucket.org/reponame.git (fetch)
origin https://user#bitbucket.org/reponame.git (push)
# Change the remote to ssh
git remote set-url origin git#bitbucket.org:reponame.git
# Check the remote again to make sure it changed
git remote -v
There is more discussion about the issue on the Atlassian forums at https://community.atlassian.com/t5/Bitbucket-questions/fatal-unable-to-access-https-bitbucket-org-gnutls-handshake/qaq-p/1468075
The quickest solution is to use SSH instead of HTTPS. I tried other ways to fix the issue but it was not working.
The following are steps to replace HTTPS from SSH:
Generate ssh key using ssh-keygen on the server.
Copy the public key from the generated id_rsa.pub file from step 1 and add it at following links depending on the repository host -
Bitbucket - https://bitbucket.org/account/settings/ssh-keys/
Github - https://github.com/settings/ssh/new
Gitlab - https://gitlab.com/profile/keys
Now run the following command to test authentication from the server command line terminal
Bitbucket
ssh -T git#bitbucket.org
Github
ssh -T git#github.com
Gitlab
ssh -T git#gitlab.com
Go to the repo directory and open .git/config file using emac or vi or nano
Replace remote "origin" URL (which starts with https) with the following -
For Bitbucket - git#bitbucket.org:<username>/<repo>.git
For Github - git#github.com:<username>/<repo>.git
For Gitlab - git#gitlab.com:<username>/<repo>.git
sudo bash
mkdir upgrade
cd upgrade
wget https://www.openssl.org/source/openssl-1.1.1g.tar.gz
tar xpvfz openssl-1.1.1g.tar.gz
cd openssl-1.1.1g
./Configure
make ; make install
cd ..
wget https://curl.haxx.se/download/curl-7.72.0.tar.gz
tar xpvfz curl-7.72.0.tar.gz
cd curl.7.72.0
./configure --with-ssl=/usr/local/ssl
make ; make install
cd ..
git clone https://github.com/git/git
cd git
vi Makefile, change prefix= line to /usr instead of home
make ; make install

Not able to access git repo from jenkins

I have configured Jenkins on a Linux machine and my git repo is on an another Linux server. But when I try to give the URL of the repo to Jenkins I get the following error.
Failed to connect to repository : Command "git -c core.askpass=true ls-remote -h ssh://user#ip/~/export1 HEAD" returned status code 128:
stdout:
stderr: Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
What could be the cause for this?
I have seen that both the systems' rsa key is present in each other's .ssh/known_hosts folder.
I am able to pull or clone code from the repo to a folder in Jenkins system as well. So why is Jenkins not able to take it?
I have also tried the URL user#ip:/fullpath/to/repo
You need to make sure Jenkins is running as the right user (the one who has the keys in ~/.ssh/id_rsa(.pub)
That user might not be the same as the one used in the ssh url: user#ip means you are connecting to ip using an account which has your public key in ~user/.ssh/authorized_key.
So the Jenkins process must be run by an account which has the private and public key, whose public key is in ~user/.ssh/authorized_key on the git server side.
And that account should have done (only once) an ssh-keyscan -H ip >> ~account/.ssh/known_hosts before any ssh attempt, in order to record the git server ip as a known host.
Does it being a bare repo make any difference or change in the URL?
No. The .git at the end of the bare repo folder is optional when used as an url.
Further to #VonC's reply, you can also use the Credentials plugin to define a set of credentials on your Jenkins master that your Jenkins job uses to access your Git repo. This allows you to run Jenkins itself as a different user from there one that has access to the Git repo.
The main problem was the security of the systems. I hadnt checked the authentication mechanisms on my server. The password authentication to the git server was causing the problem because the jenkins machine tries to directly fire a ls-remote to the path. When you do the same thing on the terminal you will be prompted for a password and then itl accept. When I set the password authentication and UsePAM to no and enabled the RSA authentication, pubkey authentication and authorised key setting to yes in the sshd_config file, and restarted, it was able to access the repo and I dint get this error.

gitlab error - the remote en hung up unexpectedly

I installed Gitlab on my Ubuntu successfully(gitlab.domain.com), on a client PC I installed Git (windows 7), then run Git Bash to generate SSH keys with command: ssh-keygen -t rsa -C "username#domain.com" to create private/public keys on C:\Users\AccountName.ssh
Then, add public key to profile on installed gitlab. Then can clone/push on Git Bash.
However, I can not reproduce this on other PCs, I tried some PCs, created new users, new ssh keys...
but always encounter that error "The remote end hung up unexpectedly", sometimes can clone but also get that error when pushing.
I can only clone/push on first PC. I'm so confused, don't know what I missed. I'm trying to get my team on Git
Thanks a lot for any advice
Make sure you are pointing it at the correct git server. Also - login on your Jenkins server (Under the jenkins user) and ssh to git#your-git-server and make sure to select 'yes' to add the server to your known hosts.
I had the same error and it was an access-level problem :
my user only had guest access to my project so it wasn't able to clone it. I changed the access level to developper and it solved my problem

Resources