Subject:Issue with vanishing Admin Right when using different keys
3 views
Skip to first unread message
Jens Franik
Feb 9, 2025, 9:54:40 PMFeb 9
to gito...@googlegroups.com
Hello all together,
### Short Version
I am having an dedicated Admin key, which is used for Admin Tasks only.
Whenever i use a User Key on a Machine, later on i can never use again
the Admin Key on this System again.
### Details
# Check the Admin Access an Remote Repository
$ GIT_SSH_COMMAND="ssh -i ./gitolite-admin -F /dev/null" git ls-remote
git@rpi-m2:gitolite-admin
444df8e9865f7f3db7cc1aad6640a1c30038209a HEAD
444df8e9865f7f3db7cc1aad6640a1c30038209a refs/heads/master
# Pull the Admin Remote Repository
$ GIT_SSH_COMMAND="ssh -i ./gitolite-admin -F /dev/null" git clone
git@rpi-m2:gitolite-admin
Cloning into 'gitolite-admin'...
remote: Enumerating objects: 6, done.
remote: Counting objects: 100% (6/6), done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 6 (delta 0), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (6/6), done.
# Do several Work on the Admin Remote Repository
## Now from the same Machine, use a User Key
$ ssh -T git@rpi-m2
hello jcf-ubu20, this is git@rpi-m2 running gitolite3 v3.6.13-4-ga546e5e
on git 2.39.5
R W testing
# Then try to use the Admin Key after again
$ bin/git pull
FATAL: R any gitolite-admin jcf-ubu20 DENIED by fallthru
(or you mis-spelled the reponame)
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
# You will never be able to get back the Admin Rights on this Machine?
# Here is the corresponding Log
2025-02-09.15:54:51 808203 ssh ARGV=gitolite-admin
SOC=git-receive-pack 'gitolite-admin' FROM=192.168.210.31
2025-02-09.15:54:51 808203 pre_git gitolite-admin gitolite-admin
W any refs/.*
2025-02-09.15:54:51 808203
system,git,shell,-c,git-receive-pack
'/home/git/repositories/gitolite-admin.git'
2025-02-09.15:54:51 808203 update gitolite-admin gitolite-admin
W refs/heads/master 77d5f355b9eac7746d79723ba954353586571e16
0d0d394f85d3728d705b3b752d68a8c88c30eec6 refs/.*
2025-02-09.15:54:51 808203 system,gitolite compile
2025-02-09.15:54:52 808203 system,gitolite
compile-template-data
2025-02-09.15:54:52 808203
system,/home/git/bin/commands/compile-template-data
2025-02-09.15:54:52 808203 system,gitolite trigger POST_COMPILE
2025-02-09.15:54:52 808203
system,/home/git/bin/triggers/post-compile/ssh-authkeys,POST_COMPILE
2025-02-09.15:54:53 808203
system,/home/git/bin/triggers/post-compile/update-git-configs,POST_COMPILE
2025-02-09.15:54:53 808203
system,/home/git/bin/triggers/post-compile/update-gitweb-access-list,POST_COMPILE
2025-02-09.15:54:53 808203
system,/home/git/bin/commands/access,%,gitweb,R,any
2025-02-09.15:54:54 808203
system,/home/git/bin/commands/git-config,-r,%,gitweb\.
2025-02-09.15:54:54 808203
system,/home/git/bin/triggers/post-compile/update-git-daemon-access-list,POST_COMPILE
2025-02-09.15:54:55 808203
system,/home/git/bin/commands/access,%,daemon,R,any
2025-02-09.15:54:55 808203 END
2025-02-09.15:55:14 808371 ssh ARGV=jcf-ubu20 SOC=
FROM=192.168.210.31
2025-02-09.15:55:14 808371 system,gitolite,info
2025-02-09.15:55:14 808371 system,/home/git/bin/commands/info
2025-02-09.15:55:35 808452 ssh ARGV=jcf-ubu20
SOC=git-upload-pack 'gitolite-admin' FROM=192.168.210.31
2025-02-09.15:55:35 808452 die R any gitolite-admin jcf-ubu20
DENIED by fallthru<<newline>>(or you mis-spelled the reponame)
--
Greetings from
Jens Franik
[http://www.mozilla.com/thunderbird/]
[Options]
### Short Version
I am having an dedicated Admin key, which is used for Admin Tasks only.
Whenever i use a User Key on a Machine, later on i can never use again
the Admin Key on this System again.
### Details
# Check the Admin Access an Remote Repository
$ GIT_SSH_COMMAND="ssh -i ./gitolite-admin -F /dev/null" git ls-remote
git@rpi-m2:gitolite-admin
444df8e9865f7f3db7cc1aad6640a1c30038209a HEAD
444df8e9865f7f3db7cc1aad6640a1c30038209a refs/heads/master
# Pull the Admin Remote Repository
$ GIT_SSH_COMMAND="ssh -i ./gitolite-admin -F /dev/null" git clone
git@rpi-m2:gitolite-admin
Cloning into 'gitolite-admin'...
remote: Enumerating objects: 6, done.
remote: Counting objects: 100% (6/6), done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 6 (delta 0), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (6/6), done.
# Do several Work on the Admin Remote Repository
## Now from the same Machine, use a User Key
$ ssh -T git@rpi-m2
hello jcf-ubu20, this is git@rpi-m2 running gitolite3 v3.6.13-4-ga546e5e
on git 2.39.5
R W testing
# Then try to use the Admin Key after again
$ bin/git pull
FATAL: R any gitolite-admin jcf-ubu20 DENIED by fallthru
(or you mis-spelled the reponame)
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
# You will never be able to get back the Admin Rights on this Machine?
# Here is the corresponding Log
2025-02-09.15:54:51 808203 ssh ARGV=gitolite-admin
SOC=git-receive-pack 'gitolite-admin' FROM=192.168.210.31
2025-02-09.15:54:51 808203 pre_git gitolite-admin gitolite-admin
W any refs/.*
2025-02-09.15:54:51 808203
system,git,shell,-c,git-receive-pack
'/home/git/repositories/gitolite-admin.git'
2025-02-09.15:54:51 808203 update gitolite-admin gitolite-admin
W refs/heads/master 77d5f355b9eac7746d79723ba954353586571e16
0d0d394f85d3728d705b3b752d68a8c88c30eec6 refs/.*
2025-02-09.15:54:51 808203 system,gitolite compile
2025-02-09.15:54:52 808203 system,gitolite
compile-template-data
2025-02-09.15:54:52 808203
system,/home/git/bin/commands/compile-template-data
2025-02-09.15:54:52 808203 system,gitolite trigger POST_COMPILE
2025-02-09.15:54:52 808203
system,/home/git/bin/triggers/post-compile/ssh-authkeys,POST_COMPILE
2025-02-09.15:54:53 808203
system,/home/git/bin/triggers/post-compile/update-git-configs,POST_COMPILE
2025-02-09.15:54:53 808203
system,/home/git/bin/triggers/post-compile/update-gitweb-access-list,POST_COMPILE
2025-02-09.15:54:53 808203
system,/home/git/bin/commands/access,%,gitweb,R,any
2025-02-09.15:54:54 808203
system,/home/git/bin/commands/git-config,-r,%,gitweb\.
2025-02-09.15:54:54 808203
system,/home/git/bin/triggers/post-compile/update-git-daemon-access-list,POST_COMPILE
2025-02-09.15:54:55 808203
system,/home/git/bin/commands/access,%,daemon,R,any
2025-02-09.15:54:55 808203 END
2025-02-09.15:55:14 808371 ssh ARGV=jcf-ubu20 SOC=
FROM=192.168.210.31
2025-02-09.15:55:14 808371 system,gitolite,info
2025-02-09.15:55:14 808371 system,/home/git/bin/commands/info
2025-02-09.15:55:35 808452 ssh ARGV=jcf-ubu20
SOC=git-upload-pack 'gitolite-admin' FROM=192.168.210.31
2025-02-09.15:55:35 808452 die R any gitolite-admin jcf-ubu20
DENIED by fallthru<<newline>>(or you mis-spelled the reponame)
--
Greetings from
Jens Franik
[http://www.mozilla.com/thunderbird/]
[Options]
Sitaram Chamarty
Feb 9, 2025, 10:26:00 PMFeb 9
to Jens Franik, gito...@googlegroups.com
Sorry I am not able to access my primary dev env for several more weeks due to some travel and such reasons so I can't be 100% sure of this
This sounds like an ssh problem. A good starting point would be https://gitolite.com/gitolite/sts.html#more-than-one-keypair but I suspect -- if you are using ssh-agent -- you will also need the "IdentitiesOnly" directive in those two ssh-config stanzas
--
You received this message because you are subscribed to the Google Groups "gitolite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gitolite+u...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/gitolite/f95df153-3806-4544-90b7-ebf9210566f6%40franik.net.
--
Sitaram
Reply all
Reply to author
Forward
0 new messages