Gitlab prompts for git password when cloning a git repository

5
votes

I have installed GitLab 7.9.1 using Omnibus.

Everything works. When I do a gitlab-rake gitlab:check, I get no errors.

However, when I want to clone a repository in /var/www, the console prompts me for a git password.

I have added the SSH key in the Gitlab interface. However, it still asks me for a git password when I try to clone a repository.

What do you think?

p.s I will like to point out that I have used the Omnibus installation and not installation from source.

5
gitsshgitlab
This suggests that the necessary private key is not available to your ssh client. If your private key is (a) not ~/.ssh/id_rsa and (b) is not loaded into an ssh-agent, you would need to point git at the key explicitly.larsks

5 Answers

5
votes

I hit the same issue. For me the problem was that /etc/ssh/sshd_config had an AllowGroups directive that did not include the git group created by gitlab (viewing /var/log/secure spelled it out).

I appended git to the set of groups listed after AllowGroups, ran sudo /sbin/service sshd restart, and then git clone git@... worked as expected. Similarly, after the fix I can run ssh [email protected] and it responds with "Welcome to GitLab..." which is an easy way to confirm the ssh keys setup is fine w/o accessing a specific repo.

2
votes

Completely forgot to provide the solution. I actually had fixed the problem. It was a problem with the SSH keys.

I followed the guide on gitlabs on how to generate SSH keys. I didn't follow it properly. I missed the email address in 'ssh-keygen -t rsa -C "****@***.com"'

It works now.

1
votes

Are you trying to clone with a HTTP URL? If so, git will ask for username and password. Try cloning with SSH URL; this will make git use the SSH keys that have been set up.

0
votes

I have met with the same error when trying to clone using SSH on Windows:

Cloning into 'some_project'...
[email protected]'s password:
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.

The key was accessible, but the mistake was using command prompt (cmd.exe) instead of Git Cmd (git-cmd.exe).

0
votes

I had the same issue, it turned out to be SELinux blocking sshd from reading and opening the file authorized_keys.

Aug  9 04:10:36 gitlab01 setroubleshoot: SELinux is preventing sshd from read access on the file authorized_keys. For complete SELinux messages run: sealert -l bdda8979-07aa-47bd-baac-e818c54abb49

I implemented a new selinux policy and was all good.

~$ cat local-gitlab.te
module local-gitlab 1.0;

require {
    type var_t;
    type sshd_t;
    class file getattr;
    class file read;
    class file open;
}

#============= sshd_t ==============

#!!!! WARNING: 'var_t' is a base type.
allow sshd_t var_t:file getattr;
allow sshd_t var_t:file read;
allow sshd_t var_t:file open;