I'm trying to setup a Gitolite instance on a lightly used server on our network. I was hoping to have it configured as having users:
- git -- Gitolite software/repository owner at /home/git
- gitadm -- Gitolite admin account at /home/gitadm
- myacct -- my account at "/home/myacct" where I would be doing some work on code as well as:
(Eventually) other Gitolite users on other systems/workstations on the network.
I haven't had any luck finding any information where someone's setup their Gitolite server this way---they usually have the administrative user account on a different host than the one hosting the repositories.
Is this a problematic configuration? I'd really like to keep the repositories and the administrative function on the same system... if I can.
I've tried setting Gitolite up in this way but always seem to wind up with a configuration where I can administer the software but cannot use it from a remote workstation without being prompted for the "git" password. I suspect it's something about the SSH configuration that I'm missing but could very well be a misunderstanding of how Gitolite wants things set up.
Any Gitolite users more experienced than I who have either:
a.)
made the configuration I outlined above to work
or
b.)
have a URL to a good tutorial that's worked for them? I've read probably a dozen of them and they all seem to do it a little differently which makes me wonder how many accurately reflect how they set the software up. (Especially when following them to the letter hasn't been giving me a working set up.)
TIA... (while I continue to plug away at this)
UPDATE: I realixed that I never included the bare minimum information for others to keep in mind: All of this is being done on a fairly stock Slackware 14.1 installation (yeah it's due for an upgrade). The version of Gitolite is, I assume, the most recent stable as it's coming from github (git://github.com/sitaramc/gitolite). The banner I see during ssh sessions is "hello gitolite, this is git@mediacvt running gitolite3 v3.6.8-3-g29d5bb7 on git 1.8.4".
After following the detailed instructions on several sites, I keep running into the problem of the administrative account not being able to connect to the gitolite software owner's account. While logged into "gitadm" and trying a basic query of the gitolite setup results in:
Code:
git ls-remote gitsvr:gitolite-admin
git@192.168.13.37's password:
Note: "gitsrv" is an alias setup in "~/.ssh/config". It doesn't work any differently if I replace "gitsvr" with "git@192.168.13.37". If I try to connect using plain 'ol ssh and include a '-v -v' switches, I get:
Code:
.
.
.
debug1: Found key in /home/gitadm/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/gitadm/.ssh/gitolite (0x85eb5f0), explicit
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/gitadm/.ssh/gitolite
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method <==<< HUH?!
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
git@mediacvt's password:
Whatever is causing the ssh key exchange to fail is the mystery. I am able to ssh into another account on the server.
What I found that's made things work was to setup a password on the "git" account which is something that
none of the installation guides suggest doing as all access to the software/repository owner account is supposed to be through the "gitadm" account using git commands or by "su - git" from the root account. (Next step: Have KeyPassX generate some obnoxiously long password for the git account.)
Any thoughts on what could be making this necessary? This looks like some oddball authentication problem is at work. (Or was it that the "step-by-step" installation guides just assumed that you'd create a password for the repository owner account?)
--
Rick
