1

I have a git server set up on Linux, and it's working great:

[git@HOST ~]$ git clone -v git://HOST.com/repositories/Extras
Cloning into Extras...
remote: Counting objects: 12, done.
remote: Compressing objects: 100% (12/12), done.
remote: Total 12 (delta 3), reused 0 (delta 0)
Receiving objects: 100% (12/12), 23.54 MiB | 16.63 MiB/s, done.
Resolving deltas: 100% (3/3), done.

Note that HOST.com is not real. :)

I would now like to get the same thing working over SSH, so I can add privacy and authentication. At the moment, it is not working:

[git@HOST ~]$ git clone -v ssh://HOST.com/repositories/Extras
Cloning into Extras...
Enter passphrase for key '/home/git/.ssh/id_rsa':
ERROR:gitosis.serve.main:Repository read access denied
fatal: The remote end hung up unexpectedly

It looks like the SSH connecting is working, but git is having some permissions problems. SELinux is not enabled.

In /var/log/messages, I see the following:

Sep 23 16:26:18 HOST sshd[32115]: Accepted publickey for git from X.X.X.X port 51023 ssh2
Sep 23 16:26:18 HOST sshd[32116]: fatal: mm_request_receive: read: Connection reset by peer
Sep 23 16:26:18 HOST sshd[32115]: pam_unix(sshd:session): session opened for user git by (uid=0)
Sep 23 16:26:19 HOST sshd[32121]: Received disconnect from X.X.X.X: 11: disconnected by user
Sep 23 16:26:19 HOST sshd[32115]: pam_unix(sshd:session): session closed for user git

Anyone have some advice on where I might start looking?

Thanks! Mike

knittl
  • 246,190
  • 53
  • 318
  • 364
Mike Bobbitt
  • 739
  • 9
  • 12
  • I've never had luck with Git/SSH when the key has a passphrase. – Nic Sep 23 '11 at 17:40
  • 1
    gitosis hasn't been updated since 2009. Consider updating to gitolite – knittl Sep 23 '11 at 17:46
  • Also agreeing with @knittl. Gitolite is a dream and a half. – Nic Sep 23 '11 at 17:49
  • I find Gitosis a much more elegant solution than Gitolite. If I were making a step up from Gitosis I would probably look into Gitorious, which provides a web UI for controlling repositories. – larsks Sep 23 '11 at 18:30

3 Answers3

0

It looks like you're using Gitosis. Have you configured your {{gitosis.conf}} to permit access to the repository you're tryng to use? Have you installed your public key?

Start by turning on debug logging in your gitosis configuration:

[gitosis]
loglevel = DEBUG

This will result in verbose logging when you connect with ssh.

The most common causes of this problem are: emphasized text - A typo in the repository or user name. - The wrong key installed, or key filename not matching the username in the configuration.

The debug output will highlight these problems effectively. For example, connecting to our local gitosis repository with debug logging on includes the following:

Access check for 'lars@obliquity.example.com' as
  'writable' on 'gitosis-admin.git'...

(This shows who gitosis thinks I am.)

found 'lars@obliquity.example.com' in 'admins'

(This shows what group I'm associated with.)

Access ok for 'lars@obliquity.example.com' as
  'writable' on 'gitosis-admin'

(And this shows my access.)

larsks
  • 277,717
  • 41
  • 399
  • 399
  • Thank-you... I neglected to mention that I am using gitosis... my config does include this section for the repo: [group developers] members = git@HOST.com me you writable = Extras Proj1 Proj2 – Mike Bobbitt Sep 23 '11 at 18:27
  • Your comment appears to have been truncated. Put your config in your question, and also turn on debug logging and show us what the output is. – larsks Sep 23 '11 at 18:33
0

If you're going to spend significant time on this, it's better to switch to gitolite. There will be no impact to the users as you can commit the same keys to the gitolite admin repo.

For your current problem, try accessing via SSH with the -vvvv option to see a detailed debug output of what key is being used etc.

Hope this helps.

Adam Dymitruk
  • 124,556
  • 26
  • 146
  • 141
  • Running ssh verbosely will not yield any useful information. As you can see from the output, the ssh connection is working just fine *and* the authentication is happening correctly; the problem is that Gitosis is denying access to the repository. This is strictly a configuration probem. – larsks Sep 23 '11 at 18:31
  • How much time have you spent on this so far? Should take the time to migrate anyway. – Adam Dymitruk Sep 23 '11 at 19:03
0

Thanks everyone... In the end I went with gitolite, but that was not the source of the problem. It was a key mismatch between the client and the SSH server... A simple thing that I thought I'd checked. Once I matched up the user's .pub key that I had registered with git, and their ~/.ssh/id_rsa.pub, everything started working as expected.

Thanks!

Mike

Mike Bobbitt
  • 739
  • 9
  • 12