YunoHost-Apps/gogs_ynh

Better documentation about clone/ssh

mbugeia opened this issue · 17 comments

Following #8

Document:
  • HTTPS clone won't work in private mode (explain why) + info in manifest
  • SSH daemon configuration
  • How to correctly setup ssh / key / agent
  • What to check if it doesn't work

I'm happy to see that at least my mistakes will help to improve the documentation ^^

Hi,
me again :) .
I work with Windows, and I can't use the HTTPS connection but not the SSH setup; I followed all the information to set up my SSH settings, but no way, Git says Permission denied; however, I can use PuTTY to access my YunoHost server. Where can I look to find a way to solve my issue?

Hello,

If you want to clone by HTTPS, you probably need to install the app as public. If it is installed as private, all access to your app will be blocked by the SSO.

About SSH: did you add your public key in the Gogs interface?

I followed all the instructions written in the Readme file. I installed the app as public.

  • Add my public key on my Gogs profile 👍
  • Update the sshd_config 👍

And what is the result?

Maybe you could give me the result of this command: sudo cat /home/gogs/.ssh/authorized_keys

I try to use Git > Permission Denied -_- .
I used this command to test the server: ssh -vT gogs@code.stilobique.com

I'm at work, I can share a log or something else at the moment.

Ah yes, sorry, I forgot to say to add sudo if you don't execute it as root...

Hi,
alright; I looked at the authorized_keys file, and all the computers I entered are present (my desktop and my notebook).

command="/opt/gogs/gogs serv key-3 --config='/opt/gogs/custom/conf/app.ini'",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhDqHwBuR2a5WBrk84aftjeGVs7E086M5yzzhAKWrIeVXlECrTdMLHzzc4K4DTXLS2bTo/Zs7lojVftqWMKYvhA4MxtJ1M/CQWhl/rsEGbjA/9MFQe6tMKlJ3D2y8NVMkj2Hko+OeaLUbGnHVjzggECc4qXDV8ofYQPWP8j7uH0rRTFV9RYfrIGCeIpBB0tOQUFvpfDMgQB7vw4Ojeub00kuYM0A/ABpGpK63nmv2XImvZm0fyp3zmCUNorXkVak+iIBKZabOZ7jVe3EZLiawwdnvm5tp79vCVWBp1M305IlF8bfAvm3Nl8a/FuedbQDgNtdE6yWLuQQvF4RQjLWwT/3/yV7GZTsjQDm0Vs4RwdN3PmSXMAAHHxmX5nfnB4bk44pZvRUtcFcGDP6ZYXlh9pwyx/OWaKOkSAA2FGRKMgfy9ChpeOtTu9/Z8xvTvEfsfE5Z5gySE5/GV98gfyhh+FfqXLaTflUncegSKJjvPF9J49UrypvuaPn7MUqa3l3Iide94UMst+YfuxoQDr7vtsMCy+RGQne8haFVhJ/QtY0Ys1/2zdSwUOhp0EmLyMe5OPQaIUL7MSyuxV6obzHB46zTBbEmXYel3AMlWBGwVyJGhXeaNBJWURllYsg7JaeynPD3lK0mNDn8diyrR2J2R3Ad3kw+zb5U1eN1TOsmrZQ== imported-openssh-key
command="/opt/gogs/gogs serv key-4 --config='/opt/gogs/custom/conf/app.ini'",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa [...] aurelienvlt@free.fr

One question about Git: do I need to give a specific config? I'm speaking about the user.name and user.email commands.

And what is the result of ls -la /home/gogs/.ssh/ ?
About the specific config (user.name and user.email), normally it's just for the commit.
Did you try to access your server with a Linux machine?

You could also try to check what happens in /var/log/auth.log while you try to access your Git server. You can use this command to check: sudo grep sshd /var/log/auth.log

About this command, ls -la /home/gogs/.ssh/, I obtain this result:

total 16
drwx------ 2 gogs gogs 4096 Mar  4 15:54 . 
drwxr-x--- 5 gogs gogs 4096 Mar  4 09:30 .. 
-rw------- 1 gogs gogs 2324 Mar  4 15:44 authorized_keys 
-rw-r--r-- 1 root root   39 Mar  4 15:54 config

I tried with a Linux machine, and same result.
The auth.log:

Mar  4 16:05:56 stilobique sshd[10028]: User gogs not allowed because account is locked
Mar  4 16:05:56 stilobique sshd[10028]: input_userauth_request: invalid user gogs [preauth]
Mar  4 16:05:56 stilobique sshd[10028]: Connection closed by XX.XX.XX.XX [preauth]

I don't understand why the user gogs is locked :/ .

Ok,
I found an issue, maybe.
Could you check that in /etc/passwd the user gogs has the shell /bin/bash? If you have /usr/sbin/nologin, please replace it with /bin/bash.
Normally the gogs line in /etc/passwd should look like this: gogs:x:992:992::/home/gogs:/bin/bash
Maybe the number "992" could be different.

Alright, I looked at this file and changed it to your setup. However, the result is the same :/ . Tried with a Linux and a Windows machine.

Hum, I didn't share my Git client debug log; maybe it can be useful.

$ ssh -vT gogs@code.stilobique.com
OpenSSH_7.6p1, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /c/Users/stilobique/.ssh/config
debug1: /c/Users/stilobique/.ssh/config line 1: Applying options for code.stilobique.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to code.stilobique.com [XX.XX.XX.XX] port 22.
debug1: Connection established.
debug1: identity file C:/Users/stilobique/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file C:/Users/stilobique/.ssh/id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u4
debug1: match: OpenSSH_6.7p1 Debian-5+deb8u4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to code.stilobique.com:22 as 'gogs'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64-etm@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64-etm@openssh.com compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:xFeO8Jtcr5cKwn3fGrepqh9QXGgx9T1ekEi6/AkI9i4
debug1: Host 'code.stilobique.com' is known and matches the RSA host key.
debug1: Found key in /c/Users/stilobique/.ssh/known_hosts:5
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
Debian GNU/Linux 8
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:[...] C:/Users/stilobique/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
gogs@code.stilobique.com: Permission denied (publickey).

Inside the auth.log, once again the same line.

Hello,
Did you restart your SSH server after the modification?

Yes, I rebooted my server.

Could you give me all the content of /etc/ssh/sshd_config?
Could you also check that you have a "*" of "!" as password for the user gogs in the file /etc/shadow.

Hi,
I looked at /etc/shadow and applied the change; now it works perfectly! Really, thanks for your help; now with this setup was change? Do you want me to show my SSH config, or is it OK for you?

Really thanks for your help.

Hello,
No, it's OK
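
The three server-side checks walked through in this thread (the password field in /etc/shadow, the login shell in /etc/passwd, and the sshd lines in auth.log), gathered into one script. This is an added example, not part of the original issue or the gogs_ynh project; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage for "Permission denied (publickey)" on a service account.
# File paths are parameters so the checks can run on copies of the real files.

# Print the state of USER's password field in a shadow-format file.
# A leading "!" is what `passwd -l` / `usermod -L` write to lock an account.
shadow_state() {
    awk -F: -v u="$1" '$1 == u {
        if ($2 ~ /^!/) print "locked"
        else if ($2 == "*") print "no-password"
        else print "password-set"
        found = 1
    } END { if (!found) print "missing" }' "$2"
}

# Print USER's login shell (7th field) from a passwd-format file.
login_shell() {
    awk -F: -v u="$1" '$1 == u { print $7 }' "$2"
}

# Print the distinct reasons sshd logged for refusing USER.
sshd_refusals() {
    sed -n "s/.*sshd\[[0-9]*]: User $1 not allowed because \(.*\)/\1/p" "$2" | sort -u
}

# One-line summary for USER from the three sources.
diagnose() {
    echo "shadow=$(shadow_state "$1" "$2") shell=$(login_shell "$1" "$3") sshd=$(sshd_refusals "$1" "$4")"
}

# Constructed sample data, modelled on the output quoted in the thread.
tmp=$(mktemp -d)
printf '%s\n' 'root:*:17500:0:99999:7:::' 'gogs:!:17594::::::' > "$tmp/shadow"
printf '%s\n' 'gogs:x:992:992::/home/gogs:/bin/bash' > "$tmp/passwd"
printf '%s\n' \
  'Mar  4 16:05:56 stilobique sshd[10028]: User gogs not allowed because account is locked' \
  'Mar  4 16:05:56 stilobique sshd[10028]: Connection closed by XX.XX.XX.XX [preauth]' \
  > "$tmp/auth.log"

diagnose gogs "$tmp/shadow" "$tmp/passwd" "$tmp/auth.log"
# On a live host, as root: diagnose gogs /etc/shadow /etc/passwd /var/log/auth.log
```

The summary puts the sshd refusal reason next to the shadow state, so a locked account shows up before any time is spent on client keys or authorized_keys permissions.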