Only one user can push/pull to github - linux

I have two CentOS servers that are set up the same. I created a git repo on server A and pushed it to github. I then cloned the repo on server B. At first, all seemed to be in order. I could commit on either server, push to the remote, and the pull on to the other server.
The problem is that my co-workers now cannot push or pull on server B (they can run git status or commit). Strangely, this applies to ALL repos on server B, not just the one I cloned. Here is the error they see:
ERROR: Repository not found.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I checked that they are in the collaborators lists (both as owners and on the team assigned to the repo).
I also tried changing to the root user and cloning the repo again--as root I received the same error as above. The global .gitconfig does not reference my user or key, and the local .git/config files are set to use SSH (git#github.com).
What would cause this error to happen all users but one? Where else should I be looking?

Add '-v' to your git command as you run it to get more verbose output, that should tell you what's wrong.

I did resolve this issue. I found the problem by running ssh -T -vvv git#github.com which showed different keys being used for my user vs. the other users on the server. The key being used generally was not tied to a user in our github account. The fix:
Generated a new SSH key
Added key to shared user on github account
Updated .ssh/config to use the new key when accessing github.com
I am not certain how the SSH key got messed up, because it worked before. But this fixed it.

Related

How to fix Permission denied (publickey) onGitlab?

I have one project on Gitlab and I worked with it for the last few days!
But after a few days it all went off! I added my home PC ssh key in Gitlab project setting, but now I want use git pull for receive new changes in my home PC show me this error:
10:47 AM Update failed
Permission denied (publickey).
Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
10:47 AM Update canceled
Gitlab ssh key image:
How can I fix it?
GitHub isn't able to authenticate you. So, either you aren't setup with an SSH key, because you haven't set one up on your machine, or your key isn't associated with your GitHub account.
You can also use the HTTPS URL instead of the SSH/git URL to avoid having to deal with SSH keys. This is GitHub's recommended method.
Further, GitHub has a help page specifically for that error message, and explains in more detail everything you could check.
I know this problem. After add ssh key, add you ssh key to ssh agent too (from official docs https://help.github.com/articles/generating-ssh-keys/)
ssh-agent -s
ssh-add ~/.ssh/id_rsa
After it, all work fine, git can view proper key, before couldn't.

Create a git repository on server side

I have a big problem and I can't understand this topic. I have a server with a website. I created a repository there with git init. Than I made a git add * to add all files from my server to the repository. Than I made a commit to commit all files to the repository.
Than I cloned it with git clone ssh://username#mysite.com/wordpress/.git to my local client.
All worked fine and I got a copy from my project. No I changed something on my local version and made a commit with a push. I looked in FileZilla but the content in the file don't changed. In the other direction when I changed something on the sever and pulled it to the local copy I saw the changes. Do you know why the changes which I made on the local copy are not visible on my sever?
Thank you for your help!
You need to push changes to a central repository that both your local machine and server can pull from (or add them as remotes for each other). A service such as GitHub works nicely for this. Here are instructions for a full workflow that works well for this. Updated instructions can be found in this gist. This workflow uses hooks to do the heavy lifting so that updates to your server are automated.
Using Git to Manage a Live Web Site
Overview
As a freelancer, I build a lot of web sites. That's a lot of code changes to track. Thankfully, a Git-enabled workflow with proper branching makes short work of project tracking. I can easily see development features in branches as well as a snapshot of the sites' production code. A nice addition to that workflow is that ability to use Git to push updates to any of the various sites I work on while committing changes.
You'll need to have Git installed on your development machines as well as on the server or servers where you wish to host your website. This process can even be adapted to work with multiple servers such as mirrors behind a load balancer.
Setting up Passwordless SSH Access
The process for updating a live web server relies on the use of post hooks within the Git environment. Since this is fully automated, there is no opportunity to enter login credentials while establishing the SSH connection to the remote server. To work around this, we are going to set up passwordless SSH access. To begin, you will need to SSH into your server.
ssh user#hostname
Next, you'll need to make sure you have a ~/.ssh in your user's home directory. If not, go ahead and create one now.
mkdir ~/.ssh
On Mac and Linux, you can harness the power of terminal to do both in one go.
if [ ! -d ~/.ssh ]; then mkdir ~/.ssh; fi
Next you'll need to generate a public SSH key if you don't already have one. List the files in your ~/.ssh directory to check.
ls -al ~/.ssh
The file you're looking for is usually named similarly to id_rsa.pub. If you're not sure, you can generate a new one. The command below will create an SSH key using the provided email as a label.
ssh-keygen -t rsa -b 4096 -C "your_email#example.com"
You'll probably want to keep all of the default settings. This will should create a file named id_rsa in the ~/.ssh directory created earlier.
When prompted, be sure to provide a secure SSH passphrase.
If you had to create an SSH key, you'll need to configure the ssh-agent program to use it.
ssh-add ~/.ssh/id_rsa
If you know what you are doing, you can use an existing SSH key in your ~/.ssh directory by providing the private key file to ssh-agent.
If you're still not sure what's going on, you should two files in your ~/.ssh directory that correspond to the private and public key files. Typically, the public key will be a file by the same name with a .pub extension added. An example would be a private key file named id_rsa and a public key file named id_rsa.pub.
Once you have generated an SSH key on your local machine, it's time to put the matching shared key file on the server.
ssh user#hostname 'cat >> ~/.ssh/authorized_keys' < ~/.ssh/id_rsa.pub
This will add your public key to the authorized keys on the remote server. This process can be repeated from each development machine to add as many authorized keys as necessary to the server. You'll know you did it correctly when you close your connection and reconnect without being prompted for a password.
Configuring the Remote Server Repository
The machine you intend to use as a live production server needs to have a Git repository that can write to an appropriate web-accessible directory. The Git metadata (the .git directory) does not need to be in a web-accessible location. Instead, it can be anywhere that is user-writeable by your SSH user.
Setting up a Bare Repository
In order to push files to your web server, you'll need to have a copy of your repository on your web server. You'll want to start by creating a bare repository to house your web site. The repository should be set up somewhere outside of your web root. We'll instruct Git where to put the actual files later. Once you decide on location for your repository, the following commands will create the bare repository.
mkdir mywebsite.git
cd mywebsite.git
git init --bare
A bare repository contains all of the Git metadata without any HEAD. Essentially, this means that your repository has a .git directory, but does not have any working files checked out. The next step is to create a Git hook that will check out those files any time you instruct it to.
If you wish to run git commands from the detached work tree, you'll need to set the environmental variable GIT_DIR to the path of mywebsite.git before running any commands.
Add a Post-Receive Hook
Create a file named post-receive in the hooks directory of your repository with the following contents.
#!/bin/sh
GIT_WORK_TREE=/path/to/webroot/of/mywebsite git checkout -f
Once you create your hook, go ahead and mark it as executable.
chmod +x hooks/post-receive
GIT_WORK_TREE allows you to instruct Git where the working directory should be for a repository. This allows you to keep the repository outside of the web root with a detached work tree in a web accessible location. Make sure the path you specify exists, Git will not create it for you.
Configuring the Local Development Machine
The local development machine will house the web site repository. Relevant files will be copied to the live server whenever you choose to push those changes. This means you should keep a working copy of the repository on your development machine. You could also employ the use of any centralized repository including cloud-based ones such as GitHub or BitBucket. Your workflow is entirely up to you. Since all changes are pushed from the local repository, this process is not affected by how you choose to handle your project.
Setting up the Working Repository
On your development machine, you should have a working Git repository. If not, you can create on in an existing project directory with the following commands.
git init
git add -A
git commit -m "Initial Commit"
Add a Remote Repository Pointing to the Web Server
Once you have a working repository, you'll need to add a remote pointing to the one you set up on your server.
git remote add live ssh://server1.example.com/home/user/mywebsite.git
Make sure the hostname and path you provide point to the server and repository you set up previously. Finally, it's time to push your current website to the live server for the first time.
git push live +master:refs/head/main
This command instructs Git to push the current main branch to the live remote. (There's no need to send any other branches.) In the future, the server will only check out from the main branch so you won't need to specify that explicitly every time.
Build Something Beautiful
Everything is ready to go. It's time to let the creative juices flow! Your workflow doesn't need to change at all. Whenever you are ready, pushing changes to the live web server is as simple as running the following command.
git push live
Setting receive.denycurrentbranch to "ignore" on the server eliminates a warning issued by recent versions of Git when you push an update to a checked-out branch on the server.
Additional Tips
Here are a few more tips and tricks that you may find useful when employing this style of workflow.
Pushing Changes to Multiple Servers
You may find the need to push to multiple servers. Perhaps you have multiple testing servers or your live site is mirrored across multiple servers behind a load balancer. In any case, pushing to multiple servers is as easy as adding more urls to the [remote "live"] section in .git/config.
[remote "live"]
url = ssh://server1.example.com/home/user/mywebsite.git
url = ssh://server2.example.com/home/user/mywebsite.git
Now issuing the command git push live will update all of the urls you've added at one time. Simple!
Ignoring Local Changes to Tracked Files
From time to time you'll find there are files you want to track in your repository but don't wish to have changed every time you update your website. A good example would be configuration files in your web site that have settings specific to the server the site is on. Pushing updates to your site would ordinarily overwrite these files with whatever version of the file lives on your development machine. Preventing this is easy. SSH into the remote server and navigate into the Git repository. Enter the following command, listing each file you wish to ignore.
git update-index --assume-unchanged <file...>
This instructs Git to ignore any changes to the specified files with any future checkouts. You can reverse this effect on one or more files any time you deem necessary.
git update-index --no-assume-unchanged <file...>
If you want to see a list of ignored files, that's easy too.
git ls-files -v | grep ^[a-z]
References
Deploy Your Website Changes Using Git
A simple Git deployment strategy for static sites
Using Git to manage a website
Ignoring Local Changes to Tracked Files in Git
pushing the code merely updates the remote repository's references.
It doesn't change the checked out working copy.
Consider that you could add a colleague's repository as a remote. If you pushed and the behaviour was that it would auto-checkout that new code, that would affect what they're working on.
It sounds like what you really want is a continuous integration tool, be it something full featured or merely an rsync triggered from a git hook.
you should only ever push to a bare repository (unless you know exactly what you are doing; and even then, you should only ever push to a bare repository).
you shouldn't clone a working copy's .git/ directory.

GitHub SSH access not working

I have created a new user on github under our organization which will be used for auto deployment. I followed the article on https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/#platform-linux.
Somehow, when I tried to clone the repository to the server, it worked once. The code was running properly, and I exit the server. Today, we released an update to the code, and I wanted to deploy the code manually to the server, so I ssh'd into the server and tried to pull the repository with git pull. It gave me Permission denied error. After some debugging I realized that the ssh-agent wasn't running. So I executed the following commands:
eval "$(ssh-agent -s)"
ssh-add .ssh/id_rsa_staging
Now, when I try ssh -T git#github.com, I see the welcome message which is:
Hi *****! You've successfully authenticated, but GitHub does not provide shell access.
But when I try to pull from the repository, I am continuously getting this error message:
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I checked the repository and the user has read access to it. I double checked if the keys match on github and server, yes they do. I tried generating new keys. I tried using ssh/config file. Nothing helped...
I appreciate any help & suggestions!
Update:
So I figured out that git clone command is working properly, but even when I try git pull right after git clone, it is giving the error.
If you are using sudo to git pull/push to the remote you need to ensure you used sudo to generate your SSH keys. Otherwise you will not be using the same keys that you originally generated.
github doc for reference
I had the exact same issue.
For me what worked was
Go to repo on github which you have cloned and wanna pull with
Under the code-download option copy SSH link
Enter following command in your terminal -->
git remote set-url origin paste_SSH_link

Not able to access git repo from jenkins

I have configured Jenkins on a Linux machine and my git repo is on an another Linux server. But when I try to give the URL of the repo to Jenkins I get the following error.
Failed to connect to repository : Command "git -c core.askpass=true ls-remote -h ssh://user#ip/~/export1 HEAD" returned status code 128:
stdout:
stderr: Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
What could be the cause for this?
I have seen that both the systems' rsa key is present in each other's .ssh/known_hosts folder.
I am able to pull or clone code from the repo to a folder in Jenkins system as well. So why is Jenkins not able to take it?
I have also tried the URL user#ip:/fullpath/to/repo
You need to make sure Jenkins is running as the right user (the one who has the keys in ~/.ssh/id_rsa(.pub)
That user might not be the same as the one used in the ssh url: user#ip means you are connecting to ip using an account which has your public key in ~user/.ssh/authorized_key.
So the Jenkins process must be run by an account which has the private and public key, whose public key is in ~user/.ssh/authorized_key on the git server side.
And that account should have done (only once) an ssh-keyscan -H ip >> ~account/.ssh/known_hosts before any ssh attempt, in order to record the git server ip as a known host.
Does it being a bare repo make any difference or change in the URL?
No. The .git at the end of the bare repo folder is optional when used as an url.
Further to #VonC's reply, you can also use the Credentials plugin to define a set of credentials on your Jenkins master that your Jenkins job uses to access your Git repo. This allows you to run Jenkins itself as a different user from there one that has access to the Git repo.
The main problem was the security of the systems. I hadnt checked the authentication mechanisms on my server. The password authentication to the git server was causing the problem because the jenkins machine tries to directly fire a ls-remote to the path. When you do the same thing on the terminal you will be prompted for a password and then itl accept. When I set the password authentication and UsePAM to no and enabled the RSA authentication, pubkey authentication and authorised key setting to yes in the sshd_config file, and restarted, it was able to access the repo and I dint get this error.

Installing git repository on Oracle Enterprise Linux 5 -- SSH problems

I have been banging my head against a wall for a while now, and none of the people in my immediate vicinity know more than I do at this point.
My office has a lab box that they want to use for a central git repository -- mainly for testing various things. They also, of course, want me to get some experience setting up git so that we can possibly set up other git instances later.
I am running Windows 7 with an OEL 5.7 VM, and the box is running OEL 5.5. From my VM, I SSHed into the lab box and started tinkering. After installing git and gitosis, I have managed to get the instance working locally. I can see the git repository just fine, and if I try to clone it locally, it all works like a dream. But if I try to SSH in from my VM, it either A.) kicks me out with fatal: 'testproject.git' does not appear to be a git repository or B.) kicks me out with Permission denied (publickey,gssapi-with-mic), depending on how I invoke git.
Example: I configured the access to a test project I created (and tested locally) as follows:
[group team]
writable = testproject
members = oracle#RCSDB cwerness cwerness#localhost cwerness#localhost.localdomain
This is my first experience setting up a git repository, so I wanted to cover my bases regarding remote users. Thus, the redundancy in the members section.
When I try to clone the repository with my username only, I get
[cwerness#localhost Desktop]$ git clone cwerness#10.1.1.10:testproject.git
Cloning into testproject...
Enter passphrase for key '/home/cwerness/.ssh/id_rsa':
fatal: 'testproject.git' does not appear to be a git repository
fatal: The remote end hung up unexpectedly
If, however, I try to clone the repository with more information, I get
[cwerness#localhost Desktop]$ git clone "cwerness#localhost.localdomain"#10.1.1.10:testproject.git
Cloning into testproject...
Permission denied (publickey,gssapi-with-mic).
fatal: The remote end hung up unexpectedly
I have all the public keys stored in the /keydir folders. The repository was created and is owned by the user oracle, and I have tried all permutations of that user and its domain in the above clone commands as well, to no effect. Additionally, I tried setting up a ~/.ssh/config file like this
Host labbox
Hostname 10.1.1.10
User cwerness
IdentityFile /home/cwerness/.ssh/id_rsa
Again, I tried all the different ways to connect, from both users. Nothing is giving me any more information than I already had.
The box is set up to authenticate SSH connections via public keys, and that works fine. I can SSH into the box as cwerness with no problems.
This is getting to be a huge headache for me, and I'd like it if someone could tell me exactly HOW I am being stupid, if not a way to fix this problem.
git clone cwerness#10.1.1.10:testproject.git will look in the home directory for the user cwerness but you state you put the repository in /home/oracle/repositories. Try git clone cwerness#10.1.1.10:/home/oracle/repositories/testproject.git.

Resources