Gitlab not working with SSH Keys

Question

I am having issues with Gitlab. I used the following guide to install and configure Gitlab https://github.com/gitlabhq/gitlab-recipes/blob/master/install/centos/README.md. The installation seemed to go well and all. The web application seems to be working fine. However I am unable to clone, pull, push, basically I essentially cannot use Gitlab. I have seen 403 errors with HTTP and permission denied when trying to clone over SSH.

I have ensured my private keys are setup correctly on both Windows and OS X. I can see the public keys on the server. I added the following to my config file in ~/.ssh.config

Host {hostname}
    User git
    Hostname {hostname}
    PreferredAuthentications publickey
    IdentityFile C:/Users/{username}/.ssh/id_rsa

This is what I see in /var/log/secure

Jan 14 17:31:48 dev_version_control sshd[3696]: Connection closed by 192.168.17.113
Jan 14 17:32:18 dev_version_control sshd[3700]: Connection closed by 192.168.17.113

The /var/log/message didn't role when I tried using git or ssh

I'm not sure where to go from here. Any suggestions?

I don't know what you mean by SSH using git username. The guide I used did not create a password for the git user and stated that user cannot be used to login.

score 10 · Accepted Answer · answered Jan 15 '14 at 03:22

Providing that you have loaded your private key on your client, then it sounds like this might be a permissions issue on the 'git' user home directory and .ssh directory.

Please try changing your /home/git directory to a mask of 0711:

chmod 0711 /home/git

Ensure the /home/git/.ssh directory has a mask of 0700:

chmod 0700 /home/git/.ssh

Ensure the /home/git/.ssh/authorized_keys file has a mask of 0600:

chmod 0600 /home/git/.ssh/authorized_keys

Replace /home/git with whatever your home directory for the 'git' user is, if it was different in the tutorial. If it's not permissions, then please let comment and we'll see what else might be the issue.

sinm · Answer 2 · 2014-01-16T06:55:54.077

1

Check that you have only one record for your public key (which was imported through web face) in /home/git/.ssh/authorized_keys and this key has gitlab's prefix and title. In other words, if you've added the same key manually before installing gitlab then remove it.

edited Jan 16 '14 at 06:55

answered Jan 15 '14 at 05:51

sinm

119
2

score 1 · Answer 3 · answered Oct 20 '14 at 11:35

1

I'd also recommend to check that user has proper permission to clone/pull/push in gitlab. I've just spend too much time looking through ssh/https configurations, when the reason for problem was user in gitlab not having enough permissions...

answered Oct 20 '14 at 11:35

shtolik

111
2

score 1 · Answer 4 · answered Sep 27 '16 at 14:59

In my situation I installed gitlab via FreeBSD packages. Gitlab SSH didn't work. The cause of this was a wrong home directory for git: (vipw)

git:*:211:211::0:0:gitosis user:/usr/local/git:/bin/sh

I changed this to:

git:*:211:211::0:0:gitosis user:/home/git:/bin/sh

score 1 · Answer 5 · edited Oct 07 '21 at 07:59

This can happen if the host has a '-' in its name. (Even though this is legal according to RFC 952.)

ssh prompts me for a password for any host that happens to have a '-' in its name. This would seem to be purely a problem with ssh configuration file parsing because adding an alias to ~/.ssh/config (and using that alias in my git remote urls) resolved the problem.

In other words try putting something like the following in your C:/Users/{username}/.ssh/config

Host {a}
    User git
    Hostname {a-b.domain}
    IdentityFile C:/Users/{username}/.ssh/id_rsa

and where you have a remote of the form

origin  git@a-b.domain:repo-name.git

remove it and then re-add it using the form

origin  git@a:repo-name.git

score 1 · Answer 6 · answered Nov 22 '17 at 18:03

If you're using environment variables to pass the key, you should base64 encode them, otherwise they will probably fail with an error asking for your passphrase. This means that the key is corrupted. If you see:

$ ssh-add <(echo "$SSH_PRIVATE_KEY")
Enter passphrase for /dev/fd/63: ERROR: Job failed: exit code 1

Then base64 encode the SSH_PRIVATE_KEY variable. If you are on OS X,

cat ~/.ssh/ssh_key_for_project | base64 | pbcopy

will encode it and copy it to your clipboard. Now then change the .gitlab-ci.yml script line to

- ssh-add <(echo "$SSH_PRIVATE_KEY" | base64 -d)

score 0 · Answer 7 · answered Aug 07 '16 at 09:19

0

Running eval $(ssh-agent) fixed my issue.

answered Aug 07 '16 at 09:19

michalzuber

121

score 0 · Answer 8 · answered Oct 11 '16 at 04:38

My problem was the private keys file id_rsa created and saved by puttygen has a different format than the one created from a ubuntu machine. After I created a pair keys from ubuntu machine, copy these files back to Windows machine under %UserProfile%.ssh folder, then add the new generated public key to Gitlab. No more Permission Denied for me

Gitlab not working with SSH Keys

8 Answers8

Linked