I don’t know if this is the right place to ask this question but I tried everything looked through many forums and didn’t find my answer. I’m running GitLab on a virtual machine that has CentOS 7 on it and I set up the SSH keys but everytime i try to connect my repo with GitLab it asks for a password, I don’t know what more info to provide you with since im a newbie.
1 Like
Hi,
can you share the details how you did it? Which operating system are using for your Git client?
Cheers,
Michael
Hi,
the OS is Linux CentOS 7, I used
ssh-keygen -t rsa -b 4096 -C "my-email"
to generate a ssh pair which I then copied to GitLab, then I made a test folder with git in it and I set origin with
git remote add origin git@ip-adress-of-my-virtual-machine:root/projectname
and when I tried to push it, it asks me for a password (I think it can’t find the public ssh key), I try to enter the password of GitLab but it says something like password denied. If you need any other information I will provide it just ask and thank you for trying to help.
Hi @MrRabbitz !!
Have you created more than 1 keys on this machine?
Even if you haven’t please make the following changes in order for the system to decide which one to use, we have to mention it in the ‘/etc/ssh/ssh_config’ file:
Host gitlab-example.com
Preferredauthentications publickey
IdentityFile ~/.ssh/id_rsa
Make sure that your (in above case is “gitlab-example.com”) is mapped correctly with an IPAddress in “/etc/hosts” file:
192.168.10.1 gitlab-example.com
Also, make sure that the SSH key pair is generated at the default location “~/.ssh/id_rsa”.
Remove the previously created keys and generate new key pair using RSA and do not set the origin. Copy the id_rsa.pub (public key) on the GitLab account and then run the following command from the client machine on which the key pair is generated:
ssh -T git@gitlab-example.com
do not forget to replace <gitlab-example.com> with your gitlab server name and then share the output of the above command.
Thanks!
1 Like
Hi @paramveer.singh,
I did try with more keys because I thought I might have copied them wrong or something but everytime I generated a new key pair i overwrote the id_rsa.
In my ‘/etc/ssh/ssh_config’ file I added the thing you mentioned but I use the IP address of the server (example 10.150.10.23) so I’m guessing there is no need to change the ‘/etc/hosts’ file.
The keys are generated in the ‘~/.ssh/id_rsa’, I made new ones and copied them to GitLab (I deleted the old ones from GitLab) and ran the command you wrote and the output was:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
Thank you for helping!
Just to make sure have you copied the contents of “~/.ssh/id_rsa” or “~/.ssh/id_rsa.pub” ?
Some troubleshooting steps could be:
- Just make sure you are able to ping the GitLab server at the IPAddress
- Restart the sshd.service
- Can you share the screenshot of the SSH Keys from your GitLab GUI
- A screenshot of the “ssh -T git@gitlab-example.com”
Thanks!
1 Like
I pinged it from the terminal in the virtual machine and from my PC and both worked fine, I restarted the sshd service the output is still the same:
And this is the output i got before I added the thing you mentioned in ‘/etc/ssh/ssh_config’ file:
Edit: I’m pretty sure I copied the keys correctly, especially from my PC where I used:
clip < ~/.ssh/id_rsa.pubAlso when I run:
`ssh -vvvT git@10.100.0.51`
I get this:
I don’t know if this helps you in any way or if you can read it.
Hi!
It seems that there is some issue with how you are doing the entire process, I would request you to follow the following steps:
[It is assumed that GitLab(10.100.0.51) and client are two different machines. The SSH keys are generated on the “Client” machine]
- Delete the directory “~/.ssh” from both the client machine and the GitLab server
- Now, create the SSH Key pair on the client machine using the command ssh-keygen -t rsa -b 4096 -C "user@gitlab-example.com"
- Define the IP Address in the “/etc/hosts” file on Client machine
10.100.0.51 gitlab-machine.com
- Make the changes in the ‘/etc/ssh/ssh_config’ file on the CLIENT machine:
Host gitlab-machine.com
Preferredauthentications publickey
IdentityFile ~/.ssh/id_rsa
Restart the sshd service on the CLIENT machine.
-
Now manually copy the contents of “~/.ssh/id_rsa.pub” file
[Make sure you copy the contents of id_rsa.pub file. Copy the data from ssh-rsa till the mail id(in this case user@gitlab@gitlab-example.com) -
Open the GitLab’s GUI and copy the key in the SSH section.
-
Now, from the CLIENT machine, run the command ssh -T git@gitlab-machine.com
Make sure you follow ALL the steps and then share the results and the screenshots of the keys generated, keys copied and the output of the last command run.
1 Like
Hi,
I did everything you said, sorry I should have noted GitLab is on CentOS 7 and the client machine Windows 10.
This is the public key that it generated:
The screenshot of GitLab SSH:
And screenshot of output of the last command:
I put the URL as gitlab-machine.test. I hope this is everything you asked for.
Thank you!
Hi,
did you setup a passphrase for the SSH key pair when asked? If so, don’t do that.
Cheers,
Michael
Hi,
if anyone stumbles upon this with maybe the same problem, literally all I needed to do was run:
(sudo) gitlab-ctl reconfigure
@dnsmichi and @paramveer.singh thank you so much for the help and sorry for wasting your time.
2 Likes
No worries, every little step counts in learning new things. Maybe you’ll stay here for a while and try to help others too? Or leave a like on a reply showing your appreciation, and mark one as solution if it fits? 
Cheers,
Michael
1 Like
I want to say a big thank you. I ran into this problem and beat my head against a wall for a few hours until I came across this post. The trick that did it for me was adding the ssh_config file. Thank you for the concise resolution steps.
2 Likes
@MrRabbitz thanks for this. I wasted an incredible amount of time messing around with SSH configs etc with no resolution. This worked perfectly on CentOS 8.
@dnsmichi this seems to be an issue with the initial gitlab installer/chef recipe and I can see how this could be blocker for folks starting off with gitlab. Can you folks look into this?
I can raise a ticket if required, just show me where!
Thanks
Marc
2 Likes
Thank you! I’ve had the same issue most of today. I have created a GitLab setup on Ubuntu and then tried to replicate it on Centos 7. I did not have these ssh issues with Ubuntu 18.04, but have been fighting is for several hours on Centos 7.
Running gitlab-ctp reconfigure on the Centos 7 install did the trick
Well sort of, push and clone take an extremely long time to complete on Centos 7. I’m sure it’s a different ssh issue
Dave
2 Likes
To whoever with the same problem as me reads this.
After I generated my public/private key pair, and added my public key to Gitlab SSH keys section, it would still ask for username/password on git push/git pull.
SOLUTION: delete project folder and git clone from gitlab using ssh option, not https. (of course, it would only work if ssh -T git@replacewithyourgitlaburl.com shows success) [Somehow, this helped possibly by forcing the system to forget about prior use of username/password before SSH was generated]
Long story:
I made sure that I can connect to my Gitlab with my keys:
ssh -T git@replacewithyourgitlaburl.com and it showed success, so this wasn’t the issue.
(If you can’t, run in verbose mode to see the issue why you can’t test your connection:
ssh -Tv git@replacewithyourgitlaburl.com)
My key had already been added to ssh-agent, so this wasn’t the issue as well. (Add your SSH private key to the ssh-agent: same instructions here )
SOLUTION at the very top ^^
3 Likes
Hello, If anyone still have the problem, I offer another problem checking path
- if you install gitlab by docker, and you run gitlab docker container by exposing the ssh port not 22 but other like 6022,
- then you should change the repository ssh url, as
git@gitlab.example.com:6022/YOUR_GROUP/YOUR_REPO_NAME.git - add an option, docker run … --env “GITLAB_SHELL_SSH_PORT=6022” …, so you can paste the ssh url without changing the ssh url from you gitlab instance
1 Like
If you have read all the way down here and need another possible solution:
Check whether in
nano /etc/shadow
the git user has an exclamation mark, like so
git:!:19425::::::
or so
git:!!:19425::::::
One or two exclamation marks means that the account is locked. Replace the ‘!‘/’!!’ with something else such as a *, and git push/pull/clone and everything else should work again as smoothly as before.
If this does not help, to pinpoint your underlying cause, do this in two terminal windows:
On the machine you are trying to connect from:
ssh -Tvvv git@yourgitlab.url
On the machine you are trying to connect to:
tail -f /var/log/auth.log
2 Likes
In my case, I forgot I first used the https protocol on my git client side.
After adding my ssh key, I fixed things by running this on the client in my repo area:
$ git remote set-url origin ssh://git@myserver/mygitrepo/projectname
(update the command with your server details)