Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
  • Sign in / Register
  • HardenedBSD HardenedBSD
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 29
    • Issues 29
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 2
    • Merge requests 2
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
    • Test Cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Package Registry
    • Infrastructure Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • HardenedBSDHardenedBSD
  • HardenedBSDHardenedBSD
  • Issues
  • #3
Closed
Open
Issue created Mar 25, 2020 by Shawn Webb@shawn.webbOwner

ssh access to git-01.md.hardenedbsd.org

Created by: TommiP

Cannot access git over ssh.

There is a working tcp-connection. proof of that (this shouldn't work, just a connection test)

@~ ssh -v username@git-01.md.hardenedbsd.org
OpenSSH_7.8p1, OpenSSL 1.1.1d-freebsd  10 Sep 2019
debug1: Reading configuration data /home/xxxxxxxxx/.ssh/config
debug1: /home/xxxxxxxxx/.ssh/config line 66: Applying options for git-01.md.hardenedbsd.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to git-01.md.hardenedbsd.org [63.88.83.120] port 22.
debug1: Connection established.
debug1: identity file /usr/home/ type 0
debug1: identity file /usr/home/ type -1
debug1: Local version string SSH-2.0-OpenSSH_7.8 FreeBSD-20180909
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.8 HardenedBSD 12-STABLE
debug1: match: OpenSSH_7.8 HardenedBSD 12-STABLE pat OpenSSH* compat 0x04000000
debug1: Authenticating to git-01.md.hardenedbsd.org:22 as 'username'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Es9N9VsqbvfdnSavFb/S0/L7HtSnbCTqGFfmhGCXVB0
debug1: Host 'git-01.md.hardenedbsd.org' is known and matches the ECDSA host key.
debug1: Found key in /home/xxxxxxxxx/.ssh/known_hosts:yy
debug1: rekey after 67108864 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 67108864 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: Fssh_kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
=============================
HardenedBSD Master git Server
=============================

Please note that connections and activity to this server are logged.
This server, git-01.md.hardenedbsd.org, acts as the source-of-truth
server for the HardenedBSD repositories.

Banner last updated: 10 Feb 2020 09:32 EST

debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:8zr3ii0OR4jUVWGW5np94iRlakgtVitr9wL1mExu0/M /usr/home/xxxxxxxxx/.ssh/key
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
username@git-01.md.hardenedbsd.org: Permission denied (publickey).
@~ 

Trying to clone anything from the git-server will result into this:

@~ git clone -v git@git-01.md.hardenedbsd.org:TommiP/hardenedbsd-ports.git
Cloning into 'hardenedbsd-ports'...
=============================
HardenedBSD Master git Server
=============================

Please note that connections and activity to this server are logged.
This server, git-01.md.hardenedbsd.org, acts as the source-of-truth
server for the HardenedBSD repositories.

Banner last updated: 10 Feb 2020 09:32 EST

Enter passphrase for key '/usr/home/xxxxxxxxx/.ssh/my_private_key___public_part_is_in_gitea_profile': 
Connection closed by 63.88.83.120 port 22
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
@~ 

The git user seems to be correctly mapped to somewhere as trying the same with a different user leads to:

@~ git clone -v anyname@git-01.md.hardenedbsd.org:TommiP/hardenedbsd-ports.git
Cloning into 'hardenedbsd-ports'...
=============================
HardenedBSD Master git Server
=============================

Please note that connections and activity to this server are logged.
This server, git-01.md.hardenedbsd.org, acts as the source-of-truth
server for the HardenedBSD repositories.

Banner last updated: 10 Feb 2020 09:32 EST

anyname@git-01.md.hardenedbsd.org: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
@~ 
Assignee
Assign to
Time tracking