Skip to content

GitLab

Closed
Created by Administrator@rootOwner

can't git pull/push with SSSD setup on the OS

Created by: missedone

hi, folks

our project requires to setup SSSD for OpenLDAP integration at operating system level, so that our team member can SSH login on to the Linux server with the LDAP password authentication.

on that server, we have gitlab installed as well, but no matter git pull/push, i got error:

fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

i tested the ssh connection, it looks OK:

ssh -t -v [email protected]
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to gitlab.example.com [15.126.203.219] port 22.
debug1: Connection established.
debug1: identity file /var/sp/app/sop/jenkins/jenkins-home/.ssh/identity type -1
debug1: identity file /var/sp/app/sop/jenkins/jenkins-home/.ssh/identity-cert type -1
debug1: identity file /var/sp/app/sop/jenkins/jenkins-home/.ssh/id_rsa type 1
debug1: identity file /var/sp/app/sop/jenkins/jenkins-home/.ssh/id_rsa-cert type -1
debug1: identity file /var/sp/app/sop/jenkins/jenkins-home/.ssh/id_dsa type -1
debug1: identity file /var/sp/app/sop/jenkins/jenkins-home/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'gitlab.example.com' is known and matches the RSA host key.
debug1: Found key in /var/lib/jenkins/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentication succeeded (none).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Sun Aug 24 12:45:15 2014 from 15.126.203.202

but the weird thing is, user 'git' should be nologin, right? (which means, no interactive shell will be, but the ssh session should be closed immediately after login succeed), the fact is 'ssh [email protected]' lead me to the interactive shell, i can type command like 'whoami', 'ls' etc, even worse, i can edit the gitlab-shell conf file.

do you have any clue why? thank you in advance!