So whenever I restore a backup from prod into qa, user ssh keys won’t work in qa. The work around is just deleting and re-adding my user key, however, I feel like this shouldn’t be necessary.
I restore the gitlab-secrets.json file as well as /var/opt/gitlab/.ssh/authorized_keys files, however it still prompts me for password to the git user when trying to pull from a repo over ssh. What am I doing wrong here?
Maybe check permissions of authorized_keys file after you have restored it:
-rw------- 1 git git 1.9K Oct 23 2019 authorized_keys
if you have other than the above:
chmod 600 authorized_keys
chown git:git authorized_keys
should be OK then I think.
Thanks for the suggestion. I tried changing permissions to git:git (away from root:root) as you suggested, but then ssh fails entirely.
$ git pull origin gitlab
fatal: couldn't find remote ref gitlab
fatal: the remote end hung up unexpectedly
Edit, nvm, i’m dumb, had the name of the branch wrong, duh. Thanks!
1 Like
SSH shouldn’t fail, on my installation git is the user that owns the authorized_keys, and the permissions of read access to this file can also cause failure, especially if world read is enabled. Sometimes the authorized_keys can have permissions rw-r-r which would equate to 644. Usually 640 would work, but there are some systems/implementations of SSH that are very specific about the permissions applied to the file. From my gitlab installation was the example above, so providing yours has the same these permissions will be fine.
Anyway, as you said, the issue was rather the wrong branch at this point I guess. But glad it’s now working
1 Like