Asking for password when pull or push with docker gitlab

xnathan.h · December 11, 2017, 7:38pm

just install lastest version of gitlab with docker(https://hub.docker.com/r/gitlab/gitlab-ce/),added ssh key to gitlab

still asking password when push or pull - docker gitlab

desktop system: window10,osx

server system : centos 7

docker git (lastest version): docker pull gitlab/gitlab-ce

here is the ssh -vt output:

$ ssh -vt git@23.234.53.236
OpenSSH_7.3p1, OpenSSL 1.0.2k 26 Jan 2017
debug1: Reading configuration data /c/Users/Nathan/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 23.234.53.236 [23.234.53.236] port 22.
debug1: Connection established.
debug1: identity file /c/Users/Nathan/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 23.234.53.236:22 as ‘git’
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:VgBduYKrMafvYg27PfLCXZmiA0vCAnz8obliVveAX+Y
debug1: Host ‘23.234.53.236’ is known and matches the ECDSA host key.
debug1: Found key in /c/Users/Nathan/.ssh/known_hosts:2
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/Nathan/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /c/Users/Nathan/.ssh/id_dsa
debug1: Trying private key: /c/Users/Nathan/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/Nathan/.ssh/id_ed25519
debug1: Next authentication method: password
git@23.234.53.236’s password:

thorsager · December 28, 2017, 8:32pm

I’m having the same issue…

When adding/removing keys the authorized_keys file is updated.
But I’m not able to find any errors in any logs anywhere…

thorsager · December 28, 2017, 8:56pm

Just upped to 10.3.1-ce.0 … stil the same issue

Markland01 · January 29, 2018, 5:54am

I am having that same issue but on unraid using a docker. Any ideas?

rajudev · January 29, 2018, 6:44pm

You guys need to configure SSH based password less logins on the target machine. so that the machine on which you are SSHing will verify the host using its SSH key in authorised_keys and will grant all privileges.

One of the tutorials is https://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/

Just search for SSH based password less logins and you’ll get many tutorials on it.

Markland01 · January 30, 2018, 12:51am

Hi @rajudev,

Doesn’t the ssh key location do that or is that just to identify who pushed? Just wondering why the ssh key location is there thats all.

rajudev · February 6, 2018, 8:48am

The SSH key just verifies the user. Providing authorizations to the user, without him/her to enter a password is a different setting.

reitbauer · December 30, 2018, 8:20am

Hi,
I have the same problem. I have added the ssh key, but if i try to do this: “ssh -v git@git.reitbauer.info” i get the following output:

OpenSSH_7.8p1, LibreSSL 2.7.3

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 48: Applying options for *

debug1: Connecting to git.reitbauer.info port 22.

debug1: Connection established.

debug1: identity file /Users/wolfgang/.ssh/id_rsa type 0

debug1: identity file /Users/wolfgang/.ssh/id_rsa-cert type -1

debug1: identity file /Users/wolfgang/.ssh/id_dsa type -1

debug1: identity file /Users/wolfgang/.ssh/id_dsa-cert type -1

debug1: identity file /Users/wolfgang/.ssh/id_ecdsa type -1

debug1: identity file /Users/wolfgang/.ssh/id_ecdsa-cert type -1

debug1: identity file /Users/wolfgang/.ssh/id_ed25519 type -1

debug1: identity file /Users/wolfgang/.ssh/id_ed25519-cert type -1

debug1: identity file /Users/wolfgang/.ssh/id_xmss type -1

debug1: identity file /Users/wolfgang/.ssh/id_xmss-cert type -1

debug1: Local version string SSH-2.0-OpenSSH_7.8

debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.1

debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.1 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002

debug1: Authenticating to git.reitbauer.info:22 as ‘git’

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: algorithm: curve25519-sha256

debug1: kex: host key algorithm: ecdsa-sha2-nistp256

debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Pth8nMWOa1gCAmKxjrs6DgBeosVLMK7ZlVT5GWsaea8

debug1: Host ‘git.reitbauer.info’ is known and matches the ECDSA host key.

debug1: Found key in /Users/wolfgang/.ssh/known_hosts:1

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_EXT_INFO received

debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: publickey,password

debug1: Next authentication method: publickey

debug1: Offering public key: RSA SHA256:koOaOPsMx/3oC8KjNOGBJJC6Qo+xF+0JeoNcb5dL+us /Users/wolfgang/.ssh/id_rsa

debug1: Authentications that can continue: publickey,password

debug1: Trying private key: /Users/wolfgang/.ssh/id_dsa

debug1: Trying private key: /Users/wolfgang/.ssh/id_ecdsa

debug1: Trying private key: /Users/wolfgang/.ssh/id_ed25519

debug1: Trying private key: /Users/wolfgang/.ssh/id_xmss

debug1: Next authentication method: password

git@git.reitbauer.info’s password: