I've installed GitLab per https://github.com/gitlabhq/gitlab-recipes/tree/master/install/centos.
The instructions state to add user "git"
adduser --system --shell /sbin/nologin --comment 'GitLab' --create-home --home-dir /home/git/ git
All seemed to work. I then added a project on the GitLab server, and it gave instructions to push to it:
cd existing_git_repo
git remote add origin git#mysite.com:root/bidjunction.git
git push -u origin master
I then went to my client to push to the git server.
[Michael#devserver bidjunction]$ git push -u origin master
The authenticity of host 'mysite.com (123.456.789.01)' can't be established.
RSA key fingerprint is cd:32:3c:5a:4e:33:44:11:df:ee:3s:4b:3a:c2:a4:c2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'mysite.com,123.456.789.01' (RSA) to the list of known hosts.
Address 123.456.789.01 maps to ve6.phpwebhosting.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
git#mysite.com's password:
Is there a password I should have set? Probably not, and instructions don't address.
Reading System ask password when push project to github, it appears it might be related to SSH.
GitLab provides the following instructions to add a SSH key. I followed them, and first added the key to my general user's home on the server. No change. Then tried logging on a root, and added a key to git's home. Still none, but I am thinking that the client already has my general user's key, thus is not pulling the new git key.
EDIT. Please confirm that I should add these keys to the GitLab server, and not my Linux client.
Any and all help would be very much appreciated.
SSH Keys
SSH key allows you to establish a secure connection between your computer and GitLab
Before generating an SSH key, check if your system already has one by running cat ~/.ssh/id_rsa.pub If your see a long string starting with ssh-rsa or ssh-dsa, you can skip the ssh-keygen step.
To generate a new SSH key just open your terminal and use code below. The ssh-keygen command prompts you for a location and filename to store the key pair and for a password. When prompted for the location and filename you can press enter to use the default. It is a best practice to use a password for an SSH key but it is not required and you can skip creating a password by pressing enter. Note that the password you choose here can't be altered or retrieved.
ssh-keygen -t rsa -C "$your_email"
Use the code below to show your public key.
cat ~/.ssh/id_rsa.pub
Copy-paste the key to the 'My SSH Keys' section under the 'SSH' tab in your user profile. Please copy the complete key starting with ssh- and ending with your username and host.
EDIT 2
Looks like I was confused, and used GitLab's server id_rsa.pub. Guess that doesn't make any sense! I've since corrected it, but now I get this error:
[Michael#devserver ~]$ ssh git#mysite.com
Address 123.456.789.01 maps to ve6.phpwebhosting.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
PTY allocation request failed on channel 0
This account is currently not available.
Connection to mysite.com closed.
[Michael#devserver ~]$
Seems like a SELinux permission issue. Steps to follow:
restorecon -R -v /home/git/.ssh
usermod -s /bin/bash git
Edit your home machine user's .ssh/config to something like:
Host mysite.com
User gitlab_username
Hostname mysite.com
PreferredAuthentications publickey
IdentityFile /home/user/.ssh/id_rsa
Try connecting to the gitlab server ssh -T git#mysite.com. You should see a message welcoming you.
I added it to the installation guide. I have a merge request ready with several enhancements. I will merge it when gitlab 6.8 is released.
I believe you need to set up your global config username and email
$ git config --global user.name "John Doe"
$ git config --global user.email johndoe#example.com
Check if the git user has a no login shell as you specified. Changing that to bash as suggested fixed my problem (usermod -s /bin/bash git).
Related
I want to git push on Ubuntu via a single command, such as:
echo -e "email\ntoken" | git push origin branchName
git push origin branchName && email && token
But after the command I have to put in my email:
How to use ssh keys to easily push to / pull from GitHub
You need to:
Configure your remote to use the ssh version of the GitHub repo address instead of the http version.
Generate a public/private ssh key pair, and add the public key to your GitHub account manually via your web browser.
Details
Configure your remote to use the ssh version of the GitHub repo address instead of the http version. Ex:
For this repo of mine: https://github.com/ElectricRCAircraftGuy/eRCaGuy_hello_world, use this ssh URL: git#github.com:ElectricRCAircraftGuy/eRCaGuy_hello_world.git instead of this HTTPS one: https://github.com/ElectricRCAircraftGuy/eRCaGuy_hello_world.git:
# View your current remote servers and their URLs
git remote -v
# Set your `origin` remote server to use the ssh URL instead
# of the HTTPS one
git remote set-url origin https://github.com/ElectricRCAircraftGuy/eRCaGuy_hello_world.git
Generate a public/private ssh key pair, and add the public key to your GitHub account manually via your web browser.
See my full notes on ssh stuff here: https://github.com/ElectricRCAircraftGuy/eRCaGuy_dotfiles/tree/master/home/.ssh
# generate a public/private ssh key pair
ssh-keygen -t ed25519 -C "your_email#example.com"
# Ensure the ssh-agent is running (this starts the `ssh-agent`)
eval "$(ssh-agent -s)"
# Add your private key to it; update the path to your private key below, as
# required, based on what path you interactively selected above when
# generating the key
ssh-add ~/.ssh/id_ed25519
# Verify what keys have been added to the ssh-agent by listing
# (`-l`) currently-added keys.
# A. If you see "Could not open a connection to your authentication agent.",
# it means the `ssh-agent` has not been started yet, so you must start it
# with `eval "$(ssh-agent -s)"`.
# B. If you see "The agent has no identities.", it means the ssh-agent is
# running but you haven't added any ssh keys to it, so run `ssh-add
# path/to/private_key` to add a key to the agent.
ssh-add -l
Now log into github in a web browser and click on your profile image --> Settings --> SSH and GPG keys (on left) --> New SSH key --> copy and paste the contents of your .pub key file (ex: run cat ~/.ssh/id_ed25519.pub on your Ubuntu machine to read the public key--adjust that path as necessary if you used a different file name) into GitHub here --> click "Add SSH key".
Now, whenever you type git push it automatically works, using your ssh key.
References
My full ssh notes: https://github.com/ElectricRCAircraftGuy/eRCaGuy_dotfiles/tree/master/home/.ssh
You can provide the username once as part of the https git remote address.
First run git remote -vv to get the full, current remote URL.
Then to change your existing remote, you can do a command like:
git remote set-url origin https://yourname#github.com/yourname/yourrepo.git
where the new part is yourname# (substitute your github user name) and the rest of the URL should be the same as shown in git remote -vv
I successfully added remote (private) GitLab account under Windows 10 in GitAhead but under a Linux openSUSE Leap 15 I got "Connection failed: SSL handshake failed".
Note that I can clone, pull, fetch, commit, push in repositories from repositories in the GitLab I want to add, I also tried to reset SSH handshake with:
$ ssh-keygen -R gitlab.mydomain.net
# Host gitlab.mydomain.net found: line 31
/home/user/.ssh/known_hosts updated.
Original contents retained as /home/user/.ssh/known_hosts.old
$ ssh git#gitlab.mydomain.net
The authenticity of host 'gitlab.mydomain.net (<IP>)' can't be established.
ECDSA key fingerprint is SHA256:**************.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'gitlab.mydomain.net,<IP>' (ECDSA) to the list of known hosts.
Welcome to GitLab, #UserName!
Connection to gitlab.mydomain.net closed.
But it still does not work, anyone knows if there is something to configure to allow it under Linux ?
Thanks
For a starter, check the rights on directories on the server-side. The home-dir as well as the .ssh-dir should be treated with chmod 700. The same is true for the key files.
You should aim for a passwordless login on your server. As soon as this works, GitAhead should be fine. If you have a Git-Shell in your server-side /etc/passwd, replace it by /bin/sh for the sake of sending your pubkey: On the client, enter ssh-copy-id -i yourprivatekeyfile somerandomgituser#ipofyourgitserver. After that, if successful, you can reset the /etc/passwd line back to the Git-Shell.
I am using macOS Catalina. I already have a repository on GitLab and an SSH-key assigned. Now I want to create another repository from the terminal. I do the following:
git config user.name my_name
git config user.email my_email
git init
Then I get this:
Initialized empty Git repository in directory
So far so good.
git remote add origin git#gitlab.com:my_name/repo.git
git add .
git commit -m 'commit'
git push -u origin master
Then I get the following error:
git#gitlab.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Then I go to the repository I already had and try to push there, everything works so I guess I don't have a problem with SSH-key. I know this is a very common question on the internet but none of the answers solved my problem.
First, you should get "Initialized empty Git repository in directory" only after a git init ., not after a git remote add origin ...
Second, with GitLab, you can push to create a new project, as illustrated in this MR, starting with GitLab 10.5 (Q1 2018)
Third, if the error persists, then the key is somehow at fault.
Test it with:
ssh -Tv git#gitlab.com
Also
git -c core.sshCommand="ssh -v" push -u origin master
To generate a valid key:
ssh-keygen -t rsa -P "" -m PEM
And register your new id_rsa.pub to your GitLab profile.
I tried all the above mentioned solutions but none of it worked. I then read the logs and found that it is looking for the key in a specific folder and I created the key and added it to my Gitlab profile too. Then it started working.
Git authentication issue can be solved by reading the logs of the git and creating appropriate SSH keys under appropriate folders.
Steps
Run the following command and it will try to push the code and if it not successful then it will display where the error is
git -c core.sshCommand="ssh -v" push -u origin master
Now, we can generate a new SSH key and the following command will generate a key in the working folder.
ssh-keygen -t rsa -P "" -m PEM
It will ask for key name, you can give id_rsa as the key name or any name which the Bash displays as "Trying private key: c:/Users/Dell/.ssh/".
Once the key is generated in bash, your working directory will have the key.
While running the command in step1, you will see that the folder in which it is looking for a private key. In my case it is "c:/Users/Dell/.ssh/id_rsa"
We should put the generated keys from the working folder into this folder
β
We should also make sure that we add our SSH Key to the Gitlab account.
Click on your Gitlab account MyProfile and select preferences.
Click to see how to add SSH to your Gitlab account
β
Click the SSH keys menu, open the generated key file using notepad and copy the content of the key from notepad and paste it in the SSH key text editor and save it .
Click to see how to add SSH Key to your Gitlab account
Again, run the following command and check now. The code will be pushed.
git -c core.sshCommand="ssh -v" push -u origin master
the code will be pushed.
The same issue happened.
I used HTTPS instead of SSH
(I followed the instruction steps after creating repo in GitLab but that cause a Permission issue. It's is because of ssh pub key to upload)
These steps work without using SSH
Create a repository/project in GitLab
I removed .git (that caused permission issue in previous. For to start with fresh)
git config --global user.name "user_name"
git config --global user.email "user.email#gmail.com"
git init .
git remote add origin https://gitlab.com/user.account/user_project.git
git add . and git commit -m "initial commit"
git push -u origin master
It will ask username and password. Then fixed.
When I try to clone the repository in Linux machine I am facing the below issue
-bash-4.1$ git clone
ssh://xxxxx#alm.oraclecorp.com:2222/epm_pbcs_15318/pbcs.git
Initialized empty Git repository in /home/xxxx/testgit/pbcs/.git/
Permission denied (keyboard-interactive,publickey).
fatal: The remote end hung up unexpectedly
Note:- I have added public ssh key in the repository
I have generated a key in my Linux machine using
ssh-keygen -t rsa -C "email#gmail.com"
and later on, copied the public key to alm where the GIT is hosted.
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwVM4haHIEOk6P7+h4xEDyZBrGjSLx53jNFE1AqMNWnPKWwxpGX5w4l/B0WJpP7G9gLJaZPw9loSEDDr3mGx5bRi3D8k6EFgFMpctALJlKTHFW1x47A1Z+0h2GZUvL5WZj1ZXicvpbHRxX5B+FB8s+b2d3uvwVVl26lIK3f6K2iUiRePlUH/1TPBTk/kzxvDBZQCRQKxM4Zb13S7b9WJcxt85g3+jCIebDbAaswUmIeWicM+BREmcP75ZV6ZEF1cBB54TvMrygsTzJacQS6/IsobOaZpWM7iVXTnEGjFh8iKCA5VacMMEt+QR8kc/CGOm1ujcNFbK6hikp2CpSOo4wQ== email#gmail.co
Please help me if there is any way to fix it
I think your problem is that you are not using your private key to connect to that repository.
The easiest way to do it is by adding the following lines to either ~/.ssh/config or /etc/ssh/ssh_config, please be careful and add the lines at the beggining of the file, * configuration must be at the end of the /etc/ssh/ssh_config (if you use this file for configuration):
Host alm.oraclecorp.com
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no
IdentityFile YOUR_PRIVATE_KEY_LOCATION
Port 2222
User YOUR_USER
REMEMBER TO EDIT YOUR_PRIVATE_KEY_LOCATION AND YOUR_USER with your data
Let me know if this worked.
BR
I have successfully created gitolite-admin.git repo on server (say) 10.107.105.13. I can clone this repo on my local machine (say) 10.14.42.7 by issuing git clone gitolite#10.107.105.13:gitolite-admin. I had to add some lines in .ssh/config file to make sure that correct private key is used.
Then I have added a user dilawar to conf/gitolite.conf file and a appropriate key dilawar.pub to keys folder. I have added and commited this commit to the gitolite-admin repo. I have also added one more entry in .ssh/conf file so that a correct private key is used. But when I try to do git clone dilawar#10.107.105.13:testing, gitolite asks for the password. I am under the impression that I do not have to create user dilawar on 10.107.105.13. I have checked by logging into server that repository testing.git exists as well public-key dilawar.pub has been added to .ssh/authorized_keys.
I have also tried ssh -vvvv dilawar#10.107.105.13 to check if the correct file is being offered. Here is my .ssh/conf file.
HostName 10.107.105.13
User gitolite
IdentityFile ~/.ssh/gitolite
Host 10.107.105.13
HostName 10.107.105.13
User dilawar
IdentityFile ~/.ssh/id_rsa
What I am doing wrong?
In your config file, I see:
User dilawar
That is wrong. ssh communication to a gitolite server are always done with the same account (here gitolite).
What changes is the private key used, which will help gitolite determine your identity.
What you ~/.ssh/config file should look like is:
Host admin
HostName 10.107.105.13
User gitolite
IdentityFile ~/.ssh/gitolite
Host dilawar
HostName 10.107.105.13
User gitolite
IdentityFile ~/.ssh/id_rsa
For cloning gitolite-admin, you would use:
git clone admin:gitolite-admin
For cloning a repo dilawar has access to:
git clone dilawar:aRepo
See more at "Gitolite: adding user not working, and DENIED by fallthru when cloning as root?".
See also "how gitolite uses ssh"
Adding your public key to the server's ~git/.ssh/authorized_keys file is how ssh uses pubkeys to authenticate users.
Let's say sita#work.station is trying to log in as git#server.
What you have to do is take the ~sita/.ssh/id_rsa.pub file for user sita on work-station and append its contents (remember it's only one line) to ~git/.ssh/authorized_keys for user git on server.
The authorized_keys file can have multiple public keys (from many different people) added to it so any of them can log in to git#server.
I have got it working by cloning the repository using the gitolite username.
git clone gitolite#server:repo
If keys are added successfully then further pull and push will go smoothly.
I am accepting VomC answer as a better answer.
VonC's answer is the key, but I ran into an edge case that's worth mentioning for future searchers.
Even if you do everything else right, as in VonC's answer, a somewhat standard setting for ControlPath can mess things up.
I had two users in ~/.ssh/config, as below:
Host gitolite
HostName <whatever>
User git
IdentityFile ~/.ssh/gitolite
Host username
HostName <whatever>
User git
IdentityFile ~/.ssh/username
In theory, this should have allowed me to run git clone git#username:reponame, but the server kept thinking that I was trying to clone the repo as the gitolite admin (who does not have permission to clone that repo), rather than as the gitolite user (who does have permission to clone the repo).
The problem was that in my all hosts section, I had the following:
Hosts *
# other stuff that doesn't matter
ControlPath ~/.ssh/ssh-%r#%h:%p
If you don't see it right away (I didn't!), the problem is that the expansions for %r#%h%p (= username#hostname:port) are identical for the gitolite and username entries. They're both git#hostname:port! Once I realized that, it was an easy fix. Simply add distinguishing elements into a more specific ControlPath entry for those two users. E.g.,
Host gitolite
HostName <whatever>
User git
IdentityFile ~/.ssh/gitolite
ControlPath ~/.ssh/gitolite-admin-%r#%h:%p
Host username
HostName <whatever>
User git
IdentityFile ~/.ssh/username
ControlPath ~/.ssh/gitolite-username-%r#%h:%p
I had to edit /etc/ssh/sshd_config and add git (the user) to the line which begins with AllowUsers.
Then I had to add git to a sysadmin group that was also allow on sshd_config's line that begins with AllowGroups.
Don't forget to restart the ssh daemon with sudo service ssh restart.
Note : I didn't have to ssh-copy-id or add the public key to /home/git/.ssh/authorized_keys as suggested before (gitolite's developer recommends against this btw.)
I had the same problem, with a different solution because of my config. I setup my gitolite user as βgitβ so I needed to do git clone git#server:repo.git