2

I have a new setup of Jenkins running as a WAR deployment on a Tomcat6 server in Ubuntu. I also have, on that same server, and install of Gitosis for all of my repositories.

I have been working on getting Jenkins to build the repositories, but have been unsuccessful in getting the SSH public key setup for Tomcat in my repo server. I started out by logging in as Tomcat with the command sudo su - tomcat6 and ran ssh-keygen -t rsa. After that I copied the id_rsa.pub key to the keydir directory in the gitosis repo.

So here is the basic rundown of my command:

sudo su - tomcat6
ssh-keygen -t rsa -C "tomcat6@trogdorsrv"
exit # Get back to my user
sudo cp /usr/share/tomcat6/.ssh/id_rsa.pub ~/gitosis-admin/keydir/tomcat6@trogdorsrv

My next step was to open the gitosis.conf file in the gitosos-admin repo and add my new user as the administrator of the repos:

vim ~/gitosis-admin/gitosis.conf

gitosis.conf:

[group buildserver]
writable = repo-name
members = tomcat6@trogdorsrv

I also have other members and the repo-name is the name of my actualy repo. I then pushed the gitosis-admin repo up to the remote and commited some data to it from another repo user.

I am able to read and write to my repo from the other users, but when I try to use Tomcat I get an error that it can't login. I tried logging in as Tomcat again and doing a git clone manually so that the git server's fingerprint was added to the known_hosts and when I did the clone it asked me for my git users password.

Soooo am I doing something wrong to get Jenkins SSH keys into Gitosis?

Dave Long
  • 9,569
  • 14
  • 59
  • 89

2 Answers2

1

The problem was that I named my public key tomcat6@server in the keydir, whereas gitosis requires the file to be names tomcat6@server.pub to use it even though I did copy the public key.

Dave Long
  • 9,569
  • 14
  • 59
  • 89
0

It looks like you are missing a step:

After you copy your ssh pub key to the server, you need to add its contents to a file called

authorized_keys

in the ~/.ssh folder. Just do a simple cat id_rsa.pub >> ~/.ssh/authorized_keys on your target server, and you should be able to log in without a password.

Does this work?

Sagar
  • 9,456
  • 6
  • 54
  • 96
  • I shouldn't have to do that. Gitosis handles all of that for me when I push to the gitosis-admin repository. For some reason it doesn't do that though, and if I manually add it to the authorized_keys I still can't get in. – Dave Long Sep 14 '11 at 19:31
  • Aah ok. I do not know much about Gitosis. I was looking it at from an ssh point of view. Have you tried `ssh-copy-id`? Even if Gitosis does not do it, at least ssh login should work. – Sagar Sep 14 '11 at 20:37
  • You can see what my problem was from my answer below. It turns out to simply be that I named the key wrong. – Dave Long Sep 15 '11 at 19:18
  • Thanks for putting back the answer! Good to know you got it working – Sagar Sep 15 '11 at 19:39