artemkin
commented
6 years ago Hmm... it should use PAM login service. Try to sudo lfs_server, because PAM may restrict access for regular users by default iirc.
Open arkdae opened 6 years ago
artemkin
commented
6 years ago Hmm... it should use PAM login service. Try to sudo lfs_server, because PAM may restrict access for regular users by default iirc.
arkdae
commented
6 years ago Even running it sudo gives me the exact same unauthorized error.
I am unable to get the server to work when I start it with PAM authentication:
./lfs_server.sh -verbose -pam login -p 8080I have gitolite return this:
ssh -l gitolite localhost git-lfs-authenticate{"href": "http://localhost:8080","header": {"Authorization": "git_lfs git_lfs"}}But lfs_server doesn't like the login/password:
Error 127.0.0.1 "POST /objects/batch HTTP/1.1" 401 Unauthorized "The authentication credentials are incorrect"journalctl -f shows no activity, even though I added the debug keyword to PAM's /etc/pam.d/login auth lines. Conversely when I log in on this computer as git_lfs, it does show some output. So, I'm not convinced that lfs_server is actually consulting PAM here. Does the JSON output above need to have the Authorization field in base64 encoding? I could not find a definitive answer on that online, but looking at the git-lfs client code it seems that it does the base64 encoding itself.
Is there a way to see from lfs_server's point of view what the credentials are? I tried looking at this code but I do not know this programming language.