服务器 Gind.cn
  1. 服务器 Gind.cn
  3. GitLab – 不接受通过SSH推送,使用HTTP?
Intereting Posts
SQL Server 2008pipe理数据仓库caching Apache mod_perl Logtash grok /多行混淆 SQL 2016集群,创build和故障转移 如何在通过telnettesting端口时更改OpenSSH横幅文本 Mediawiki上传安装目录以外的目录 pipe理工作室的bug 本地组策略不更新。 RSOP和GPResult显示陈旧的数据 如何使用WMIC连接到远程机器并输出netstat到文件? 传入电子邮件不显示或非常延迟 – Exchange 2003 w /梭子鱼防火墙 MariaDB vs Percona服务器 – 主要区别? 无法加载dynamic库(pcre,spl,gettaxt,mhash,snmp,sockets,tokenizer) SQL Server 2005性能问题 主机文件别名使https调用越野车 在AIX上安装本地python3

GitLab – 不接受通过SSH推送,使用HTTP?

我已经看到了这个问题的多个解决scheme,其中包括: https: //serverfault.com/questions/515395/gitlab-unable-to-push-via-ssh Gitlab不能使用SSH密钥 http://community.bitnami.com / T /无法对做-A-SSH连接到gitlab,但是-HTTP-推动和克隆是,工作/ 14939

好的,所以…我今天刚安装了GitLab。 我遵循这个手册 。 当我创build用户时,“git”正在使用,所以我决定使用“gitlab”。 如果这是一个不好的决定,我可以回去看看是什么使用“混帐”,为什么,如果我可以停下来,把它给GitLab。

基本上,当我推GitLab时,我试图使用SSH地址:[email protected]:user / repo。 当我使用“git push origin master”(源头指向上述地址)时,我要求用户input“gitlab”的密码给SSH服务器。 如果我input它,GitLab会告诉我“user / repo”似乎不是一个存储库,然后退出。

“ssh -vvvT”的输出是: 

C:\Users\Jake>ssh -vvvT [email protected] OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007 debug2: ssh_connect: needpriv 0 debug1: Connecting to git.redacted.com [redacted] port 22. debug1: Connection established. debug1: identity file /c/Users/Jake/.ssh/identity type -1 debug3: Not a RSA1 key file /c/Users/Jake/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'Proc-Type:' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'DEK-Info:' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /c/Users/Jake/.ssh/id_rsa type 1 debug3: Not a RSA1 key file /c/Users/Jake/.ssh/id_dsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'Proc-Type:' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'DEK-Info:' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /c/Users/Jake/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubu ntu-2ubuntu2 debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.6 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-g roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh- sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hel lman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour12 8,[email protected],[email protected],[email protected],ae s128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndae [email protected] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour12 8,[email protected],[email protected],[email protected],ae s128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndae [email protected] debug2: kex_parse_kexinit: [email protected],[email protected],um [email protected],[email protected],[email protected],hma [email protected],[email protected],hmac-sha1-96-etm@opens sh.com,[email protected],hmac-md5,hmac-sha1,[email protected],umac-1 [email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh .com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: [email protected],[email protected],um [email protected],[email protected],[email protected],hma [email protected],[email protected],hmac-sha1-96-etm@opens sh.com,[email protected],hmac-md5,hmac-sha1,[email protected],umac-1 [email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh .com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 119/256 debug2: bits set: 524/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /c/Users/Jake/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug3: check_host_in_hostfile: filename /c/Users/Jake/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host 'git.majornoob.com' is known and matches the RSA host key. debug1: Found key in /c/Users/Jake/.ssh/known_hosts:1 debug2: bits set: 515/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /c/Users/Jake/.ssh/identity (0x0) debug2: key: /c/Users/Jake/.ssh/id_rsa (0xa01b360) debug2: key: /c/Users/Jake/.ssh/id_dsa (0xa01b378) debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /c/Users/Jake/.ssh/identity debug3: no such identity: /c/Users/Jake/.ssh/identity debug1: Offering public key: /c/Users/Jake/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,password debug1: Offering public key: /c/Users/Jake/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,password debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password [email protected]'s password: C:\Users\Jake>

这似乎有麻烦阅读我的SSH密钥(S)? 我不确定发生了什么事。

我已经使用以下命令尝试了两种不同的encryptiontypes的SSH密钥: 

 ssh-keygen -t rsa -C "[email protected]" ssh-keygen -t dsa -C "[email protected]"

这里是输出,如果我试图推动使用SSH协议: 

 C:\Users\Jake\Documents\Development\test>git push origin master [email protected]'s password: fatal: 'jake/test.git' does not appear to be a git repository fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. C:\Users\Jake\Documents\Development\test>

为什么还要求inputSSH密码? 我想要它使用密钥。

关键在GitLab安装上,这里有一些certificate: SSH_KEYS

我不知道该从哪里出发,或者我可以提供哪些其他信息来更轻松地诊断我的问题。 请帮帮我! 我会责成你提出的任何问题,可能会使你更容易解决这个问题。

先谢谢你!

编辑:当我使用“ssh -vvvT [email protected]”,我实际上input用户的密码,它显示我的Ubuntu MOTD。 我相当200%肯定这不应该发生。

你是对的。 MOTD 应该显示给任何用户。 Gitlab有自己的内置shell来处理用户,但是这个shell只在用户使用他们的私钥login时才运行,这对你不起作用。 由于使用密码login带有密码会带来提示,所以您应该删除git的密码: 

 sudo passwd -d git

然后通过运行sudo vim /etc/passwd禁用bashlogin,findgit用户,并在/bin/bash结尾,用/bin/nologinreplace它。

至于密钥,请确保您的客户端计算机可以使用密钥。 尝试到本地主机的sshing。 它应该要求input密码。 注销,添加客户端的ssh密钥给自己: 

 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys #This should not require root

然后再次尝试login到本地主机。 如果它不要求input密码,就知道你的客户端设置正确。

如果你的客户端很好,请尝试debugging服务器。 执行此操作之前 ,请从屏幕截图中删除您的密钥。 然后,通过运行sudo chmod -R git /home/git/.ssh来确保Gitlab可以完全访问/home/git/.ssh目录。 重新添加你的密钥,然后运行sudo cat /home/git/.ssh/authorized_keys ,看看你的密钥是否在那里。

如果这不起作用,请运行tailf /home/git/gitlab/{LOG}.log检查您的gitlab日志,然后用unicornapplicationproductiongithostreplace{LOG} ,然后尝试添加您的密钥。

记住在做任何事之前删除你的钥匙。 密钥存储在数据库中,应该存储在/home/git/.ssh/authorized_keys中。 如果它们在数据库中,但不在文件中,则可能有问题。

我的情况

服务器:Ubuntu 14.04.1更新到最后的软件包版本(sudo apt-get update && sudo apt-get dist-upgrade)。 Gitlab:6.9.0(gitlab版本并不重要)。

在升级和重启服务器之前,所有的工作都很完美,使用正确的ssh密钥和所有相关的东西。 但升级包后,所有用户阻止正常的操作,但要求用户的密码“git”。

我做了什么?

几个小时后,我确实发现了真正发生的事情:在运行git命令时,在/home/git目录上进行了新的权限检查。

检查它是否适合您的情况的步骤:

  1. tail -f /var/log/auth.log
  2. 尝试做一个git操作(如git remote update )。
  3. 检查日志文件。 像这样的一条线出现: Authentication refused: bad ownership or modes for directory /home/git
  4. 确保/home/git git propietary: sudo chown git:git /home/git
  5. 确保目录权限: sudo chmod 755 /home/git
  6. 放入git存储库,并执行git remote update没有任何问题。

这对我有效!