SSH Key issues

NFIfCondition · February 10, 2023, 9:52pm

Hey guys

I have a problem I have a Gitlab CE server set up as a docker container via plesk and all set up and can’t push with ssh keys:
"git@gitlab.surreal-visions.com’s password: "

i had then found another thread here that is closed and nothing helped there:

SSH key with passphrase and 2048 and 4096
GPG Key
ssh config

and did not work

now i wonder if this is maybe at a gitlab configuration or at the portmapping of docker.

Thanks for the help in advance
IfCondition

NFIfCondition · February 11, 2023, 2:16pm

OpenSSH_8.1p1, LibreSSL 2.7.3

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 47: Applying options for *

debug1: Connecting to gitlab.surreal-visions.com port 22.

debug1: Connection established.

debug1: identity file /Users/IfCondition/.ssh/id_rsa type 0

debug1: identity file /Users/IfCondition/.ssh/id_rsa-cert type -1

debug1: identity file /Users/IfCondition/.ssh/id_dsa type -1

debug1: identity file /Users/IfCondition/.ssh/id_dsa-cert type -1

debug1: identity file /Users/IfCondition/.ssh/id_ecdsa type -1

debug1: identity file /Users/IfCondition/.ssh/id_ecdsa-cert type -1

debug1: identity file /Users/IfCondition/.ssh/id_ed25519 type -1

debug1: identity file /Users/IfCondition/.ssh/id_ed25519-cert type -1

debug1: identity file /Users/IfCondition/.ssh/id_xmss type -1

debug1: identity file /Users/IfCondition/.ssh/id_xmss-cert type -1

debug1: Local version string SSH-2.0-OpenSSH_8.1

debug1: Remote protocol version 2.0, remote software version OpenSSH_8.4p1 Debian-5+deb11u1

debug1: match: OpenSSH_8.4p1 Debian-5+deb11u1 pat OpenSSH* compat 0x04000000

debug1: Authenticating to gitlab.surreal-visions.com:22 as ‘git’

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: algorithm: curve25519-sha256

debug1: kex: host key algorithm: ecdsa-sha2-nistp256

debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none

debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none

debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

debug1: Server host key: ecdsa-sha2-nistp256 SHA256:fp+NTqpgAwO5sx6brPCEtw8T5+nuFJtNQlRRp+lK2vo

debug1: Host ‘gitlab.surreal-visions.com’ is known and matches the ECDSA host key.

debug1: Found key in /Users/IfCondition/.ssh/known_hosts:1

debug1: rekey out after 134217728 blocks

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: rekey in after 134217728 blocks

debug1: Will attempt key: /Users/IfCondition/.ssh/id_rsa RSA SHA256:6xJamgAo62a0PG9cYoLxsOJ2sMI63ec05aKjgWxU4xA agent

debug1: Will attempt key: /Users/IfCondition/.ssh/id_dsa

debug1: Will attempt key: /Users/IfCondition/.ssh/id_ecdsa

debug1: Will attempt key: /Users/IfCondition/.ssh/id_ed25519

debug1: Will attempt key: /Users/IfCondition/.ssh/id_xmss

debug1: SSH2_MSG_EXT_INFO received

debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com ,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com ,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: publickey,password

debug1: Next authentication method: publickey

debug1: Offering public key: /Users/IfCondition/.ssh/id_rsa RSA SHA256:6xJamgAo62a0PG9cYoLxsOJ2sMI63ec05aKjgWxU4xA agent

debug1: Authentications that can continue: publickey,password

debug1: Trying private key: /Users/IfCondition/.ssh/id_dsa

debug1: Trying private key: /Users/IfCondition/.ssh/id_ecdsa

debug1: Trying private key: /Users/IfCondition/.ssh/id_ed25519

debug1: Trying private key: /Users/IfCondition/.ssh/id_xmss

paula.kokic · February 14, 2023, 3:34pm

Hey there,

Normally port 22 is used by sshd service on servers so you could ssh into the server.

What we did at our installation is change that sshd service to use port 2222, and leave GitLab ssh to port 22. Normally it’s in the /etc/ssh/sshd_config, but you can double check with your Linux distribution.

When using docker, don’t forget to map ports for gitlab container, e.g. in compose file:

ports:
  - "80:80"   # http traffic
  - "443:443"  # https traffic
  - "22:22"   # ssh traffic

Then you should be able to do e.g.

git clone git@my-gitlab.com/my-project.git

Best regards,
Paula