Cannot clone repository: FATAL: R any gitolite-admin gitolite DENIED by fallthru
If you have a ~/.ssh/config
file, you need to use the scp-like syntax for your ssh url:
git clone debian:gitolite-admin.git
With a config like:
host debian
user gitolite
hostname debian
identityfile ~/.ssh/gitolite
port 2222
And you are not supposed to specify the full path of the repo.
git clone git@myserver:gitolite-admin fails
gitolite-admin
is only accessible with the public key named after the git account used for the gitolite server.
You are using by default your brian.pub
, which only gives you access to testing.git
repo.
you need to define a $HOME/.ssh/config
file on your local workstation, in order to record ssh parameters to use the right key.
See "gitolite: can connect via ssh, can't clone".
~/.ssh/gitolite.pub
~/.ssh/gitolite
Then I define a config file: ~/.ssh/config with in it:
host gitolite
user git # replace it by the actual git user for the gitolite server
hostname server.com
identityfile ~/.ssh/gitolite
The clone will work:
git clone gitolite:gitolite-admin
The OP macbert confirms:
I did rename the key to
git.pub
, rangitolite setup -pk git.pub
and removed the oldbrian
key from the.gitolite/keydir
.
After that I gotgit clone git@myserver:gitolite-admin
:
Cloning into 'gitolite-admin'...
remote: Counting objects: 15, done.
remote: Compressing objects: 100% (12/12), done.
remote: Total 15 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (15/15), done.
So with the right default key, a ssh git@myserver info
should this time display the right access for gitolite-admin
repo in the 'hello' message.
Failed to clone gitolite repo and lead to fatal error
Check first your ~git/.ssh/authorized_keys
on the Gitolite server: if you want to clone a gitolite-managed repository (including the main gitolite-admin
one), your public key should be:
- listed in that
~git/.ssh/authorized_keys
file, - preceded with the forced-command
command="[path]/gitolite-shell
(as I detail in "How do programs like gitolite work?")
Otherwise, assuming your public key is registered (not for gitolite, just for regular interactive SSH session), then your clone would be:
git clone git@******:/full/path/to/gitolite-admin
The OP justsomexanda adds in the comments:
I relinked my pub- and priv-keys.
After rechecking them I could clone "testing
" but not "gitolite-admin
" so I looked closer and saw that inrepositories/gitolite-admins/gl-conf
there was the name of my key (which I called 'myKey
') but it was not the same identities which I logged in (named 'alex
').
I changed the name in the conf and it worked.So in summary: just check you name the keys right and you are using the correct identity.
gitolite installation: I cannot clone gitolite-admin repo!
Finally, I've got an answer from myself!
gitolite user created by devian package gitolite automatically is not allowed to login by sshd. so i've added gitolite to AllowUsers in file sshd_config.
Wew~~~
Gitolite denies access to a repo while allowing another
While Windows is not case sensitive, Gitolite is, testing for the existence of the bare repo folder (see lib/Gitolite/Conf/Load.pm#L245-L250
).
or you mis-spelled the reponame
If the gitolite.conf
file allows access for OpenTK-10Bit-test
, trying to clone OpenTk-10Bit-test
(as commented by And) will not work and will be denied.
Cannot access gitolite repos with non-gitolite admin users
You never clone/access a gitolite-managed repo with a 'user'.
You always use the 'git' account that you used to install gitolite.
Gitolite will then deduce who you actually are by looking for the public key used for this call in the ~git/.ssh/authorized_keys file
.
See more at "How do programs like gitolite work?".
If you want to access a gitolite-managed repo as different user, you need to have the right public/private keys for those users, and reference the private key in an ~/.ssh/config file, as shown in "users are asked for password while using gitolite".
Host gitolite_as_user1
HostName gitolite_server_name
User git
IdentityFile ~/.ssh/user1
Host gitolite_as_user2
HostName gitolite_server_name
User git
IdentityFile ~/.ssh/user2
Note that the ssh url will be:
ssh://gitolite_as_user1:yourRepo
ssh://gitolite_as_user2:yourRepo
And it will always use the 'git' account (but with different public ssh keys)
Related Topics
How to Protect My Process from Being Killed
Where Is Open_Max Defined for Linux Systems
Linux Socket Using Multiple Threads to Send
How to Send Sigint (Ctrl-C) to Current Remote Process Over Ssh (Without -T Option)
How to Debug the Linux Kernel with Qemu and Kgdb
Curl Command for Https ( Ssl )
Using Sed to Get the Last N Lines of a Huge Text File
Prepend Data from One File to Another
What Does This Command Do? "Exec Bash -L"
Dhcp Server to Redirect Any Url to Landing Page
"Tput: No Value for $Term and No -T Specified " Error Logged by Cron Process
Writing a Bash For-Loop with a Variable Top-End
How to Write-Protect Every Page in the Address Space of a Linux Process