unable to git clone with gitolite3 and key authentication
93 views
Skip to first unread message
Adam Weremczuk
Jan 16, 2018, 11:22:51 AM1/16/18
to gitolite
Hello,
My environment:
SERVER
Debian 9.3
gitolite3 3.6.6-1
git 1:2.11.0-3+deb9u2
CLIENT
Windows 7 Pro
Putty 0.70
Pageant 0.70
This works fine from the client:
plink gitolite3@git-test info
hello userx, this is gitolite3@git-test running gitolite3 3.6.6-1 (Debian) on git 2.11.0
R W gitolite-admin
R W testing
R tmp/whatever
But this doesn't:
git clone gitolite3@git-test:gitolite-admin
Cloning into 'gitolite-admin'...
Access denied
Access denied
Access denied
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Auth log on the server:
Jan 16 14:07:50 git-test sshd[14561]: debug1: userauth-request for user gitolite3 service ssh-connection method none [preauth]
Jan 16 14:07:50 git-test sshd[14561]: debug1: attempt 0 failures 0 [preauth]
Jan 16 14:07:50 git-test sshd[14561]: debug1: PAM: initializing for "gitolite3"
Jan 16 14:07:50 git-test sshd[14561]: debug1: PAM: setting PAM_RHOST to "xxx.xxx.xxx.xxx"
Jan 16 14:07:50 git-test sshd[14561]: debug1: PAM: setting PAM_TTY to "ssh"
Jan 16 14:07:50 git-test sshd[14561]: debug1: userauth-request for user gitolite3 service ssh-connection method password [preauth]
Jan 16 14:07:50 git-test sshd[14561]: debug1: attempt 1 failures 0 [preauth]
...( x 6)...
Jan 16 14:07:50 git-test sshd[14561]: error: maximum authentication attempts exceeded for gitolite3 from xxx.xxx.xxx.xxx port 11240 ssh2 [preauth]
Jan 16 14:07:50 git-test sshd[14561]: Disconnecting: Too many authentication failures [preauth]
Is it putty, pageant, ssh setting on the server or am I attempting something fundamentally wrong?
Please advise.
Thanks
Adam
My environment:
SERVER
Debian 9.3
gitolite3 3.6.6-1
git 1:2.11.0-3+deb9u2
CLIENT
Windows 7 Pro
Putty 0.70
Pageant 0.70
This works fine from the client:
plink gitolite3@git-test info
hello userx, this is gitolite3@git-test running gitolite3 3.6.6-1 (Debian) on git 2.11.0
R W gitolite-admin
R W testing
R tmp/whatever
But this doesn't:
git clone gitolite3@git-test:gitolite-admin
Cloning into 'gitolite-admin'...
Access denied
Access denied
Access denied
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Auth log on the server:
Jan 16 14:07:50 git-test sshd[14561]: debug1: userauth-request for user gitolite3 service ssh-connection method none [preauth]
Jan 16 14:07:50 git-test sshd[14561]: debug1: attempt 0 failures 0 [preauth]
Jan 16 14:07:50 git-test sshd[14561]: debug1: PAM: initializing for "gitolite3"
Jan 16 14:07:50 git-test sshd[14561]: debug1: PAM: setting PAM_RHOST to "xxx.xxx.xxx.xxx"
Jan 16 14:07:50 git-test sshd[14561]: debug1: PAM: setting PAM_TTY to "ssh"
Jan 16 14:07:50 git-test sshd[14561]: debug1: userauth-request for user gitolite3 service ssh-connection method password [preauth]
Jan 16 14:07:50 git-test sshd[14561]: debug1: attempt 1 failures 0 [preauth]
...( x 6)...
Jan 16 14:07:50 git-test sshd[14561]: error: maximum authentication attempts exceeded for gitolite3 from xxx.xxx.xxx.xxx port 11240 ssh2 [preauth]
Jan 16 14:07:50 git-test sshd[14561]: Disconnecting: Too many authentication failures [preauth]
Is it putty, pageant, ssh setting on the server or am I attempting something fundamentally wrong?
Please advise.
Thanks
Adam
Jephte Clain
Jan 17, 2018, 12:36:47 AM1/17/18
to Adam Weremczuk, gitolite
hello,
my wild guess would be: git doesn't use plink as its transport ?
I don't know much about ssh on windows but that's what I would check
regards,
Jephté Clain
Adam
--
You received this message because you are subscribed to the Google Groups "gitolite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gitolite+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Jephté CLAIN | Développeur, Intégrateur d'applications
Service Système d'Information
Direction des Systèmes d'Information
Tél: +262 262 93 86 31 || Gsm: +262 692 29 58 24
Service Système d'Information
Direction des Systèmes d'Information
Tél: +262 262 93 86 31 || Gsm: +262 692 29 58 24
Adam Weremczuk
Jan 17, 2018, 2:51:40 AM1/17/18
to gitolite
I got key authentication working as below:
1. Removed existing git installation (downloaded from http://gitforwindows.org ).
2. Reinstalled opting for OpenSSH rather than Tortoise Plink.
3. Created C:\Users\userx\.ssh and dropped private ssh key there ("id_rsa" in OpenSSH format)
Both:
plink gitolite3@git-test info
and
git clone gitolite3@git-test:gitolite-admin
work fine after I type key's passphrase.
4. In order to avoid being prompted for a passphrase every time I used this script:
https://github.com/ericblade/ssh-agent-cmd
which invokes "%ProgramFiles%\git\usr\bin\ssh-agent.exe"
It can be permanently added to startup through a registry key or executed on demand.
Adam Weremczuk
Jan 23, 2018, 11:24:58 AM1/23/18
to gitolite
The ssh-agent issue only exists on the command line in Windows.
TortoiseGit has its own version of PuTTY's plink.exe (TortoiseGitPlink.exe). At installation time, choose to use it.
Then, when you're cloning a repository for the first time, choose "Load PuTTY key" in the GUI, navigate to your .ppk file, use the URL gitolite3@<git server URL>:<reponame> and click OK.
TortoiseGit uses the .ppk file to authenticate.
TortoiseGit has its own version of PuTTY's plink.exe (TortoiseGitPlink.exe). At installation time, choose to use it.
Then, when you're cloning a repository for the first time, choose "Load PuTTY key" in the GUI, navigate to your .ppk file, use the URL gitolite3@<git server URL>:<reponame> and click OK.
TortoiseGit uses the .ppk file to authenticate.
Reply all
Reply to author
Forward
0 new messages