First time asking a question here so I hope I'm in the right place to do so. I've also searched for similar problems on here, but couldn't find anything quite as similar.
Here's my problem. We currently have a git server (using Gitorious) that is currently working well. I was asked to add an additional layer of security to the web interface by authenticating with Kerberos. So I went ahead and configured Apache to prompt for user authentication using mod_auth_kerb whenever a user attempts to go to the web interface. Everything works great as far as the web interface is concerned. However, when trying to git pull/push anything from the command line, it fails horribly.
Here is relevant information:
In my apache configuration, I tried the 2 following methods, both yielding the same results:
<Directory /home/git/active/>
AuthName "Restricted Access Kerberos"
AuthType Kerberos
Krb5Keytab /etc/httpd/conf/httpd.keytab
KrbAuthRealms TEST.COMPANY.COM
KrbMethodNegotiate On
KrbMethodK5Passwd On
require valid-user
</Directory>
<Location />
AuthName "Restricted Access Kerberos"
AuthType Kerberos
Krb5Keytab /etc/httpd/conf/httpd.keytab
KrbAuthRealms TEST.COMPANY.COM
KrbMethodNegotiate On
KrbMethodK5Passwd On
require valid-user
</Location>
The following is what appears when trying to pull from the command line:
== Gitorious: ==========================================================
Access denied or wrong repository path
========================================================================
fatal: The remote end hung up unexpectedly
Seen in gitorious_auth.log:
I, [2014-01-17 15:02:47#8854] INFO -- : Connection from "192.168.50.11 59109 22" (beauclaira): git-receive-pack 'sysadmin/puppet.git'
I, [2014-01-17 15:02:47#8854] INFO -- : Access denied or bad repository path for "beauclaira": "git-receive-pack 'sysadmin/puppet.git'"
And in /var/log/secure:
Jan 17 15:06:32 gitorious50 sshd[9286]: Accepted publickey for git from 192.168.50.11 port 59146 ssh2
Jan 17 15:06:32 gitorious50 sshd[9286]: pam_unix(sshd:session): session opened for user git by (uid=0)
Jan 17 15:06:32 gitorious50 sshd[9288]: Received disconnect from 192.168.50.11: 11: disconnected by user
Jan 17 15:06:32 gitorious50 sshd[9286]: pam_unix(sshd:session): session closed for user git
Did I miss something? I don't quite understand why adding this authentication in Apache is preventing users from pushing/pulling. From this I'm guessing it still passes by Apache even when pulling from the command line? Is what I'm trying to do possible?
Thanks for any help you can provide!
