ssh-keys are not working on gitlab-ce
Summary
After do a fresh install of gitlab-cbe on Ubuntu 16.04 using the Omnibus package and add a ssh-key to any profile, the key is added, but you aren't able to establish a secure connection between your computer and GitLab, ssh connections are still asking a password.
I did the same process on gitlab.com, using the same key and works without any problem.
Steps to reproduce
-
Do a fresh install of gitlab-ce
-
Go to any profile and add a ssh-key
-
Try to test the connection using:
ssh -Tv git@example.com
What is the current bug behavior?
Currently, a prompted for a password like git@gitlab.com's password:
is showed.
What is the expected correct behavior?
You should be able to perform a secure connection between your computer and GitLab without password.
Relevant logs and/or screenshots
You can confirm that the key is added to the file: /var/opt/gitlab/.ssh/authorized_keys
This is the output of the file:
# Managed by gitlab-shell
command="/opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell key-6",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAA....GHv9
command="/opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell key-7",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAA....mw==
The only difference that I can see with older versions of gitlab that I already used before is that I can't see my email in the key.
Output of checks
I did the same process on gitlab.com, using the same key and works without any problem.
Results of GitLab environment info
Expand for output related to GitLab environment info
`System information System: Ubuntu 16.04 Current User: git Using RVM: no Ruby Version: 2.3.3p222 Gem Version: 2.6.6 Bundler Version:1.13.7 Rake Version: 10.5.0 Redis Version: 3.2.5 Git Version: 2.11.1 Sidekiq Version:4.2.7
GitLab information Version: 9.1.3 Revision: 2e4e522 Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: postgresql URL: https://gitlab.example.com HTTP Clone URL: https://gitlab.example.com/some-group/some-project.git SSH Clone URL: git@gitlab.example.com:some-group/some-project.git Using LDAP: no Using Omniauth: no
GitLab Shell Version: 5.0.2 Repository storage paths:
- default: /var/opt/gitlab/git-data/repositories Hooks: /opt/gitlab/embedded/service/gitlab-shell/hooks Git: /opt/gitlab/embedded/bin/git `
Results of GitLab application Check
Expand for output related to the GitLab application check
`Checking GitLab Shell ...
GitLab Shell version >= 5.0.2 ? ... OK (5.0.2) Repo base directory exists? default... yes Repo storage directories are symlinks? default... no Repo paths owned by git:git? default... yes Repo paths access is drwxrws---? default... yes hooks directories in repos are links: ... 9/3 ... ok 10/4 ... repository is empty 9/5 ... ok Running /opt/gitlab/embedded/service/gitlab-shell/bin/check Check GitLab API access: OK Access to /var/opt/gitlab/.ssh/authorized_keys: OK Send ping to redis server: OK gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Sidekiq ...
Running? ... no Try fixing it: sudo -u git -H RAILS_ENV=production bin/background_jobs start For more information see: doc/install/installation.md in section "Install Init Script" see log/sidekiq.log for possible errors Please fix the error above and rerun the checks.
Checking Sidekiq ... Finished
Checking Reply by email ...
Reply by email is disabled in config/gitlab.yml
Checking Reply by email ... Finished
Checking LDAP ...
LDAP is disabled in config/gitlab.yml
Checking LDAP ... Finished
Checking GitLab ...
Git configured with autocrlf=input? ... yes Database config exists? ... yes All migrations up? ... yes Database contains orphaned GroupMembers? ... no GitLab config exists? ... yes GitLab config outdated? ... no Log directory writable? ... yes Tmp directory writable? ... yes Uploads directory setup correctly? ... skipped (no tmp uploads folder yet) Init script exists? ... skipped (omnibus-gitlab has no init script) Init script up-to-date? ... skipped (omnibus-gitlab has no init script) projects have namespace: ... 9/3 ... yes 10/4 ... yes 9/5 ... yes Redis version >= 2.8.0? ... yes Ruby version >= 2.1.0 ? ... yes (2.3.3) Your git bin path is "/opt/gitlab/embedded/bin/git" Git version >= 2.7.3 ? ... yes (2.11.1) Active users: 4
Checking GitLab ... Finished`