0

I checked out this post, but it seems like it was written for OSX and/or Windows, and I'm not really sure how to apply it to my situation:
GitLab Not Working With SSH-Keys

I set up my GitLab instance normally, using Omnibus (the bash script that adds to gitlab.sources). I'm running GitLab on a local server. The local server is using OpenSSH to allow connection from my main machine, and I have ports 80 and 8060 open to my local machine that I'm connecting to the GitLab website from. When GitLab starts, I'm able to log into the website and I was able to make an admin and a user account.

I went to settings under my user and I added the public key for the key I generated, and I even reconfigured and restarted the GitLab instance, but every time I try to connect from my local machine via Terminal I get a Permission Denied (publickey) error.

I'm not well versed in GitLab configurations (via gitlab.rb) or SSH configurations. The only things I can think of is the wrong permissions on files or directories, or GitLab doesn't know where to look / how to find the key I'm using. Any help is greatly appreciated, and I'd be happy to provide any info I left out!

Alex Eastman
  • 111
  • 3
  • What's in the server logs? – Michael Hampton Jul 18 '20 at 16:33
  • I'm really new to running a server, part of the reason I did this was to gain experience. How would I view the server logs? – Alex Eastman Jul 18 '20 at 16:33
  • First you need to figure out which Linux distribution you are using. Though you should already know this. Then you can search for how to view the logs and where they are stored on that distribution. – Michael Hampton Jul 18 '20 at 16:45
  • Hmmm. I'm running Ubuntu server, so it looks like the logs are stored in /var/log . There's a folder for gitlab, which many sub-folders inside. Can you be more specific about which logs you'd like? :-) – Alex Eastman Jul 18 '20 at 16:47
  • You're trying to ssh, so Ubuntu stores details about that in `/var/log/auth.log`. – Michael Hampton Jul 18 '20 at 16:50
  • I'll be damned, those logs are pretty useful! Lol, I checked and the problem was that I didn't have git@mymachine in AllowUsers under sshd_config. Thanks! – Alex Eastman Jul 18 '20 at 16:53

2 Answers2

1

I checked the logs under /var/log/auth.log , and I didn't have git@mymachine under AllowUsers. Thanks to @MichaelHampton !

Alex Eastman
  • 111
  • 3
1

Check out GitLab's key file, that is, /var/opt/gitlab/.ssh/authorized_keys, does it contain your key? Supposedly you can force a regen with the

gitlab-rake gitlab:shell:setup

command. But do note that this functionality was broken sometime ago. They also plan to remove this method altogether. I recommend you switch to "fast SSH lookups", it's really simple. Just add these lines to /etc/ssh/sshd_config:

Match User git    # Apply the AuthorizedKeysCommands to the git user only
  AuthorizedKeysCommand /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-authorized-keys-check git %u %k
  AuthorizedKeysCommandUser git
Match all    # End match, settings apply to all users again

Then restart your SSH server. Details: Setting up fast lookup via GitLab Shell

bviktor
  • 900
  • 6
  • 12