0

I have gitolite setup on a RHEL linux host. It is functional and it's doing its job of accepting ssh keys.

I've instructed my users to use tortoisegit as the management tool of their repositories. This is because tortoisegit comes with a ssh key generator, and the pageant. With the pageant running, and their key loaded, it works fine.

BUT.

some of the users forget to load the key, and they get a popup asking for the gitolite user password. dialog title:TortoisePlik content: git@servername.com password: image of dialog: http://i.imgur.com/Vbbk7.png

is there a way I could deny this dialog by changing a configuration on the server side, like in pam or sshd?

paxamus
  • 127
  • 1
  • 8

2 Answers2

4

SSH authentication methods are configured in the SSH server; for OpenSSH – /etc/ssh/sshd_config.

As described in sshd_config(5), certain options can be set in a Match block. Add a Match User git block, and inside it disable password and keyboard-interactive authentication methods:

Match User git
    PasswordAuthentication no
    KbdInteractiveAuthentication no
user1686
  • 13,155
  • 2
  • 35
  • 54
  • okay, thank you. these are my settings now: Match User git PasswordAuthentication no KbdInteractiveAuthentication no GSSAPIAuthentication no KerberosAuthentication no HostbasedAuthentication no PubkeyAuthentication yes I still get the dialog. so there must be something special about the server im working on.. I'll try this on a virtual box with a fresh ubuntu server install. – paxamus Feb 06 '12 at 13:54
  • Did you remember to restart your sshd server? `/etc/init.d/sshd restart` – JellicleCat Aug 05 '13 at 14:37
1

If you're trying to restrict clients to publickey auth only, you can use the following match statement:

Match User git
    AuthenticationMethods publickey
cdwilson
  • 4,310
  • 4
  • 26
  • 32