gitlab通过ssh访问存储库的问题

对不起,如果只是为了澄清我的一切,这将是一个非常详细的帖子.一切似乎都正确配置并运行:

bundle exec rake gitlab:check RAILS_ENV=production

除了绿灯之外别无他物.
添加一个ssh密钥似乎工作正常,我们可以推送https://

当我们尝试与客户端连接时,我们得到:

$git push -u origin master
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

进一步探索这个产量:

$GIT_TRACE=1 git push -u origin master
trace: built-in: git 'push' '-u' 'origin' 'master'
trace: run_command: 'ssh' '-p' '2222' 'gitlab@myserver.net' 'git-receive-pack '\''/root/test1.git'\'''
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

除了退出代码为1之外,使用调试信息运行此操作不会产生任何有趣的事情.

在我们尝试连接时查看服务器上的日志我们得到了这个(它在arch linux上运行):

$journalctl -f

Jan 21 21:42:59 michaelarch sshd[2633]: Accepted publickey for gitlab from 192.168.1.1 port 58207 ssh2: ECDSA XX:e3:XX:aa:XX:0a:XX:37:XX:ad:XX:4f:XX:ab:ab:XX
Jan 21 21:42:59 michaelarch sshd[2633]: pam_unix(sshd:session): session opened for user gitlab by (uid=0)
Jan 21 21:42:59 michaelarch systemd[1]: Starting user-1001.slice.
Jan 21 21:42:59 michaelarch systemd[1]: Created slice user-1001.slice.
Jan 21 21:42:59 michaelarch systemd[1]: Starting User Manager for 1001...
Jan 21 21:42:59 michaelarch systemd[1]: Starting Session 20 of user gitlab.
Jan 21 21:42:59 michaelarch systemd-logind[461]: New session 20 of user gitlab.
Jan 21 21:42:59 michaelarch systemd[1]: Started Session 20 of user gitlab.
Jan 21 21:42:59 michaelarch systemd[2635]: pam_unix(systemd-user:session): session opened for user gitlab by (uid=0)
Jan 21 21:42:59 michaelarch systemd[2635]: Failed to open private bus connection: Failed to connect to socket /run/user/1001/dbus/user_bus_socket: No such file or directory
Jan 21 21:42:59 michaelarch systemd[2635]: Mounted /sys/kernel/config.
Jan 21 21:42:59 michaelarch systemd[2635]: Mounted /sys/fs/fuse/connections.
Jan 21 21:42:59 michaelarch systemd[2635]: Stopped target Sound Card.
Jan 21 21:42:59 michaelarch systemd[2635]: Starting Default.
Jan 21 21:42:59 michaelarch systemd[2635]: Reached target Default.
Jan 21 21:42:59 michaelarch systemd[2635]: Startup finished in 23ms.
Jan 21 21:42:59 michaelarch systemd[1]: Started User Manager for 1001.
Jan 21 21:42:59 michaelarch sshd[2636]: Received disconnect from 192.168.1.1: 11: disconnected by user
Jan 21 21:42:59 michaelarch sshd[2633]: pam_unix(sshd:session): session closed for user gitlab
Jan 21 21:42:59 michaelarch systemd-logind[461]: Removed session 20.
Jan 21 21:42:59 michaelarch systemd[1]: Stopping User Manager for 1001...
Jan 21 21:42:59 michaelarch systemd[2635]: Stopping Default.
Jan 21 21:42:59 michaelarch systemd[2635]: Stopped target Default.
Jan 21 21:42:59 michaelarch systemd[2635]: Starting Shutdown.
Jan 21 21:42:59 michaelarch systemd[2635]: Reached target Shutdown.
Jan 21 21:42:59 michaelarch systemd[2635]: Starting Exit the Session...
Jan 21 21:42:59 michaelarch systemd[1]: Stopped User Manager for 1001.
Jan 21 21:42:59 michaelarch systemd[1]: Stopping user-1001.slice.
Jan 21 21:42:59 michaelarch systemd[1]: Removed slice user-1001.slice.

现在我的假设是失败的dbus排队:

Jan 21 21:42:59 michaelarch systemd[2635]: Failed to open private bus connection: Failed to connect to socket /run/user/1001/dbus/user_bus_socket: No such file or directory

可能导致问题,但我无法弄清楚,我已经达到了我的知识极限.

当然有很多配置文件,但我想我已经调查了所有这些,任何想法或测试都非常受欢迎.

身份验证似乎成功运行:

ssh -vvT gitlab@myserver.net

得到:

......
debug1: Server accepts key: pkalg ecdsa-sha2-nistp521 blen 172
debug2: input_userauth_pk_ok: fp XX:e3:XX:aa:af:0a:ca:37:08:ad:XX:4f:XX:ab:ab:XX
debug1: read PEM private key done: type ECDSA
debug1: Authentication succeeded (publickey).
Authenticated to myserver.net ([11.123.5.462]:22).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Remote: Forced command.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Remote: Forced command.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug2: client_session2_setup: id 0
debug2: channel 0: request shell confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 3780, received 2908 bytes, in 0.0 seconds
Bytes per second: sent 76566.5, received 58903.5
debug1: Exit status 1

编辑:添加更多详细信息以回应评论.

最佳答案
我目前遇到了完全相同的问题.经过一些实验,我发现了以下内容:gitlab用户应该无法登录,因此/ etc / passwd中的shell设置为/ bin / false.对于SSH访问,在~gitlab / .ssh / authorized_keys中定义了一个强制命令,它使用键作为参数执行gitlab-shell,以使连接用户可以访问基本git操作.

现在我发现,当/ etc / passwd中的用户shell设置为/ bin / false时,强制命令机制根本不起作用,并且ssh连接挂起.解决方法是仅为用户提供默认登录shell,以便执行强制命令.

但是,说实话,我不知道这是否应该如何工作,尤其是,当用户具有功能登录shell时,强制命令是否应该起作用(即默认值比强制命令.我希望将shell设置为/ bin / false,这样当authorized_keys文件中的配置正确时,用户就会得到gitlab-shell,如果不是,那么用户就什么都没有了.配置错误将为用户提供比我预期更多的权利.)

转载注明原文:gitlab通过ssh访问存储库的问题 - 代码日志