Skip to content

GitLab

Closed
Created by Administrator@rootOwner

Clone via SSH - Access Denied fatal: Could not read from remote repository

Created by: green-arrow

I recently updated my Gitlab installation to 6.4. After doing so, I am no longer able to clone via SSH like I used to.

Cloning into '***'...
Access denied.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

I just upgraded to 6.5 hoping that would fix my issue, but to no avail. I've scoured the internet already and haven't found anything that works. I have cleaned the authorized_keys file and cleaned gitlab-shell as well as restarted my entire server, but nothing has worked.

I am running CentOS 6.4, Gitlab 6.5, and using LDAP authentication. Up until version 6.4 (I upgraded from 6.2 -> 6.3 -> 6.4 in one round, so I never tested on 6.3) everything was working fine.

Running ./bin/check from gitlab-shell produces the following:

Check GitLab API access: OK
Check directories and files:
        /home/git/repositories: OK
        /home/git/.ssh/authorized_keys: OK
Test redis-cli executable: redis-cli 2.4.10
Send ping to redis server: PONG

An environment info check returns the following (successful):

bundle exec rake gitlab:env:info RAILS_ENV=production
System information
System:         CentOS release 6.4 (Final)
Current User:   git
Using RVM:      no
Ruby Version:   1.9.3p327
Gem Version:    1.8.25
Bundler Version:1.3.5
Rake Version:   10.1.0

GitLab information
Version:        6.5.1
Revision:       6f6f158
Directory:      /home/git/gitlab
DB Adapter:     mysql2
URL:            https://gitlab.xxx.xxx
HTTP Clone URL: https://gitlab.xxx.xxx/some-project.git
SSH Clone URL:  [email protected]:some-project.git
Using LDAP:     yes
Using Omniauth: no

GitLab Shell
Version:        1.8.0
Repositories:   /home/git/repositories/
Hooks:          /home/git/gitlab-shell/hooks/
Git:            /usr/bin/git

Running a more thorough check results in the following (successful with the exception of the out-of-date init script):

bundle exec rake gitlab:check RAILS_ENV=production
Checking Environment ...

Git configured for git user? ... yes
Has python2? ... yes
python2 is supported version? ... yes

Checking Environment ... Finished

Checking GitLab Shell ...

GitLab Shell version >= 1.7.9 ? ... OK (1.8.0)
Repo base directory exists? ... yes
Repo base directory is a symlink? ... no
Repo base owned by git:git? ... yes
Repo base access is drwxrws---? ... yes
update hook up-to-date? ... yes
update hooks in repos are links: ...
*** / *** ... ok
*** / *** ... ok
*** / *** ... ok
*** / *** ... repository is empty
Running /home/git/gitlab-shell/bin/check
Check GitLab API access: OK
Check directories and files:
        /home/git/repositories: OK
        /home/git/.ssh/authorized_keys: OK
Test redis-cli executable: redis-cli 2.4.10
Send ping to redis server: PONG
gitlab-shell self-check successful

Checking GitLab Shell ... Finished

Checking Sidekiq ...

Running? ... yes
Number of Sidekiq processes ... 1

Checking Sidekiq ... Finished

Checking LDAP ...

LDAP users with access to your GitLab server (only showing the first 100 result
)

Checking LDAP ... Finished

Checking GitLab ...

Database config exists? ... yes
Database is SQLite ... no
All migrations up? ... yes
GitLab config exists? ... yes
GitLab config outdated? ... no
Log directory writable? ... yes
Tmp directory writable? ... yes
Init script exists? ... yes
Init script up-to-date? ... no
  Try fixing it:
  Redownload the init script
  For more information see:
  doc/install/installation.md in section "Install Init Script"
  Please fix the error above and rerun the checks.
projects have namespace: ...
*** / *** ... yes
*** / *** ... yes
*** / *** ... yes
*** / *** ... yes
Projects have satellites? ...
*** / *** ... yes
*** / *** ... yes
*** / *** ... yes
*** / *** ... can't create, repository
is empty
Redis version >= 2.0.0? ... yes
Your git bin path is "/usr/bin/git"
Git version >= 1.7.10 ? ... yes (1.7.11)

Checking GitLab ... Finished

I've looked at the logs for gitlab-shell and find the following error (user-name and repo-name omitted):

W, [2014-01-31T18:39:11.300878 #1739]  WARN -- : gitlab-shell: Access denied for git command <git-upload-pack '[user-name]/[repo-name].git'> by user with key key-10.

Additionally, I can connect via ssh just fine:

ssh -vT git@gitlab.***.***

OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /c/Users/***/.ssh/config
debug1: Connecting to gitlab.***.*** [***.***.***.***] port 22.
debug1: Connection established.
debug1: identity file /c/Users/***/.ssh/identity type -1
debug1: identity file /c/Users/***/.ssh/id_rsa type 1
debug1: identity file /c/Users/***/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'gitlab.***.***' is known and matches the RSA host key.
debug1: Found key in /c/Users/***/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mi
c,password
debug1: Next authentication method: publickey
debug1: Trying private key: /c/Users/***/.ssh/identity
debug1: Offering public key: /c/Users/***/.ssh/id_rsa
debug1: Remote: Forced command: /home/git/gitlab-shell/bin/gitlab-shell key-10
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Remote: Forced command: /home/git/gitlab-shell/bin/gitlab-shell key-10
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
Welcome to GitLab, Andrew Walton!
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 1.2 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0

I've been troubleshooting all morning and cannot find a solution anywhere. Any guidance would be tremendously appreciated.