Installing Gitosis on EC2/Ubuntu

0

I'm trying to get gitosis to work on my Ubuntu instance on EC2. I'm having a problem with getting the right key to work.

I SSH to my server using the key provided in the AWS console: it's a public key (using the SSH IdentityFile option). All pretty standard. I'm using the official Ubuntu 10.04 AMI.

The installation of gitosis creates a new user. I'm supposed to provide a public key from my local machine. This doesn't work. I'm getting "Permission denied (publickey)."

In an attempt to mend the situation, I tried using the private key from the server to initialize the repository or adding the public key to the authorized keys of the created user. I managed to move one step closer, but then I got "fatal: 'gitosis-admin.git' does not appear to be a git repository" when trying to clone the admin repository.

Update:

I found out that the problem occurred because I specified an IdentityFile for my server in the .ssh/config file. When I removed it, the cloning worked. However, now I need to specify it every time I try to SSH into the server from the terminal. Is there a way around this?

zvikico

Posted 2011-03-30T16:44:00.933

Reputation: 165

Answers

1

I found out that the problem occurred because I specified an IdentityFile for my server in the .ssh/config file. When I removed it, the cloning worked. However, now I need to specify it every time I try to SSH into the server from the terminal. Is there a way around this?

A couple.

  • You can load both keys into the SSH agent, and both will be used whenever needed.

    In Ubuntu, one should be running already, so just run ssh-add on both key files. (In fact, the GNOME Keyring component appears to load ~/.ssh/id_* automatically on logon.)

  • You can have two Host definitions in ~/.ssh/config: one for interactive use, one for Git.

    Host mybox
        Hostname foo.domain.tld
        IdentityFile ~/.ssh/ec2-key
    
    Host mybox-git
        Hostname foo.domain.tld
    
    git clone git@mybox-git:gitosis-admin.git
    
  • In some cases, Gitosis is unnecessary – git can push and pull over SSH without any special configuration. (Although Gitosis does help with authorization in multiple-user cases.)

user1686

Posted 2011-03-30T16:44:00.933

Reputation: 283 655

Thank you for a full answer. I still don't understand something: if all users are pushing using the same git user, how can I distinguish between them in the GIT records? – zvikico – 2011-03-30T20:28:46.857

@zvikico: I think you meant to ask about Gitosis, not Git. It's Gitosis that creates the git account. To distinguish between key owners, it uses a feature in OpenSSH that allows forcing execution of different commands for different keys. (Just run cat ~git/.ssh/authorized_keys. Also read "AUTHORIZED_KEYS FILE FORMAT" in the manual page of sshd(8), where command="" is described.) – user1686 – 2011-03-30T20:49:18.943

@zvikico: Regarding Git itself, it doesn't care about the SSH account, or about SSH at all. The committer's name and email are recorded at commit time, according to their own configuration. – user1686 – 2011-03-30T20:50:07.793

I'm constantly surprised by SSH, just so versatile. Thanks again. – zvikico – 2011-03-31T05:39:04.633

@zvikico: Gitosis is old now. You should try the more supported Gitolite. – Jeff F. – 2011-04-01T18:50:47.057
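
The per-key forced commands mentioned in the comments above (command="" in ~git/.ssh/authorized_keys) can be checked mechanically. The Python script below is an added example, not part of the original thread or of Gitosis: it parses authorized_keys lines and reports keys that are not confined to a forced command, such as a key appended by hand, which gets a normal login as the git account. The "gitosis-serve " prefix, the function names and the sample entries are assumptions constructed for illustration.

```python
import re

QUOTED = r'"(?:\\"|[^"])*"'                        # "..." where \" is an escaped quote
OPTION = re.compile(r'(?:[^,"]|%s)+' % QUOTED)     # one option; commas inside quotes are kept
OPTS_THEN_KEY = re.compile(r'((?:[^\s"]|%s)+)\s+(.*)' % QUOTED)
KEY_TYPES = ("ssh-", "ecdsa-sha2-", "sk-")         # anything else starts an options field

def parse_line(line):
    """Return (options dict, key comment), or None for blank and comment lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    opts_text = ""
    if not line.startswith(KEY_TYPES):
        m = OPTS_THEN_KEY.fullmatch(line)
        if m is None:
            raise ValueError("malformed line: " + line)
        opts_text, line = m.groups()
    options = {}
    for opt in OPTION.findall(opts_text):
        name, _, value = opt.partition("=")
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1].replace('\\"', '"')
        options[name.lower()] = value
    fields = line.split(None, 2)                   # key type, base64 blob, comment
    return options, fields[2] if len(fields) > 2 else ""

def audit(text, expected_prefix="gitosis-serve "):  # prefix is an assumption, adjust as needed
    """List (comment, problem) for keys not confined to the expected forced command."""
    findings = []
    for options, comment in filter(None, map(parse_line, text.splitlines())):
        command = options.get("command")
        if command is None:
            findings.append((comment, "no forced command: normal login as this account"))
        elif not command.startswith(expected_prefix):
            findings.append((comment, "unexpected forced command: " + command))
    return findings

SAMPLE = r'''# constructed sample; key material replaced by placeholders
command="gitosis-serve alice@laptop",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3PLACEHOLDER1 alice@laptop
ssh-rsa AAAAB3PLACEHOLDER2 ec2-keypair
command="/bin/sh -c \"echo hi, there\"",no-pty ssh-ed25519 AAAAC3PLACEHOLDER3 bob@desk
'''

if __name__ == "__main__":
    for comment, problem in audit(SAMPLE):
        print(comment, "->", problem)
```

To check a real file, pass its contents to audit(), for example the text of ~git/.ssh/authorized_keys read on the server.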