Why does ssh connection to gitlab not work (while http push and clone work fine)?

Question

I run a x86 raring ringtail on a old pc and having installed bitnami gitlab 5.3.

Here is my error msg when trying to push the first master branch in SSH mode:

fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.

(it works in http protocol with the gitlab web dashboard credentials)

1. I have launched bitnami-installer.run with root user so I think all the files went in /opt instead of /home (this was the good procedure?)
2. I didn't have a git user before installing GitLab since I heard it could make a confusion in the .ssh/authorized_keys files and other permissions.
3. When I run ssh -T [email protected] it says permission denied (public key) but the pub key on my client computer is also in .ssh/authorized_keys?

4. authorized_keys has the proper content also, with for each line:

   command= "/opt/gitlab/apps/"
   

5. I have also noticed that I cannot display the content of authorized_keys file with a sudo -su git nano authorized_keys because:

   the user is not in the sudoers file.

6. But sudo /opt/gitlab/apps/gitlab/gitlab-shell/bin/check returns ok for each verification (gitlab api, acces, repo and /home/git/.ssh/authorized_keys file (because i have set in th config.yml gitlab_url to : http://myserver.com/gitlab (local server ip address) instead of http://loopbackaddress.com/gitlab). I have noticed that i have « two versions » of the gitlab-shell directory, one in /opt and one in /home and i don't know if it it is the appropriated demeanor ?

7. When i try a ssh -Tv it seems the ssh server does not even accept my key, fail to authenticate and return « permission denied » at last.
8. Also nothing special in the /var/log/auth.log files other than sshd[number] : connection closed by IP address.
9. The authorized_keys file path is set to the correct absolute url in the /etc/ssh/sshd_config file (/home/git/.ssh/authorized_keys)
10. And finally i am unable to debug with « bundle exec bin/rake » since i am not able to make my ubuntu install all the required pacakge to execute bundle.

I am almost sure it's either a simple ssh misconfiguration or something wrong when invoking the command="/opt/...../gitlab-shell" in the authorized_keys file

PS: using git with HTTP protocole would be enough for my home server but the interest of the gitlab dashboard is to easily add a contributors by filling the ssh key in the web form and using ssh after

Answer 1

I've got the following error trying to clone repo via ssh from freshly installed gitlab:

fatal: Could not read from remote repository.

Please make sure you have the correct access rights and the repository exists.

Solution was found at https://github.com/gitlabhq/gitlab-public-wiki/wiki/Trouble-Shooting-Guide#ssh

Check ssh log /var/log/auth.log and if you find error:

User git not allowed because account is locked

then edit /etc/shadow and change git:!: to git:*:

P.S. In my case on CentOS 6.5 it was /var/log/secure and git:!!:

Answer 2

I had a same error. searched and tried many way. It didn't work. Then, i found the answer in this site [http://georgik.sinusgear.com1. It worked for me.

My gitlab's version is 6.6.4.

Do as below:

1. find port unicorn run on:

   sudo emacs /home/git/gitlab/config/unicorn.rb

scroll to # listen on both a Unix domain socket and a TCP port and found that: listen "127.0.0.1:port", :tcp_nopush => true

1. edit config.yml

   sudo emacs /home/git/gitlab-shell/config.yml

change gitlab_url: "your-domain"

to

gitlab_url: "127.0.0.1:[port]"

restart gitlab

sudo service gitlab stop

sudo service gitlab start