CentOS Question posted in
The official documentation can be found here.

Gitlab CE Doesn't Add a Public Key to authorized_keys – CentOS

I just installed the newest Omnibus Gitlab in CentOS 7. I have added my public key to my account but gitlab keeps prompting me for a password every time I try to connect using ssh, like ssh [email protected]. The git home folder is /var/opt/gitlab.

Here are the various things that I’ve done:

  • I have checked that write to authorized_keys is checked in the admin area -> settings -> network

  • I have chmod the relevant folders and authorized_keys file. 0700 for home, 0711 for .ssh and 0600 for authorized_key file

  • I have deleted and re-created the authorized_keys file

  • I have checked various gitlab log files and nothing shows any clue

  • I have restarted and reconfigured using gitlab-ctl and restarted the computer

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    I have solved half of the problem although I don't know what the root cause was. I looked into this page docs.https://docs.gitlab.com/ee/administration/raketasks/maintenance.html#rebuild-authorized_keys-fileabout rebuilding authorized_keys using this command: sudo gitlab-rake gitlab:shell:setup, and gitlab rebuild the key and created authorized_keys.lock in the .ssh folder. Now, I can ssh -T [email protected], although the user name was changed to Anonymous, now I'm facing another problem. When I try to clone or push, gitlab said the project can't be found. :( . I guess I'll have to look for it more.

    EDIT: somehow by luck, I managed to solve this by creating a new user, added the ssh key for that user and run gitlab-rake gitlab:shell:setup again to make Gitlab added the public key to authorized_keys file.

    What a mess in Gitlab and I see ton of issues regarding this authorized_keys and ssh from a long long time ago (5 - 6 years ago and still similar issue) and it still happens now.


  2. 0

    You may want to configure Fast lookup of authorized SSH keys in the database.

    This should solve the problem you’re facing and it won’t require manual rebuild of authorized_keys file whenever someone adds or removes SSH/deploy key in GitLab.

    Edit: This bug was introduced with GitLab 12.9. It was confirmed and it should be resolved with 12.9.1 patch release, which is expected to be released soon.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search