gitblit-org / gitblit

pure java git solution
http://gitblit.com
Apache License 2.0
2.28k stars 670 forks source link

Getting issue with working existing gitblit set up #1400

Open Dinesh123 opened 2 years ago

Dinesh123 commented 2 years ago

Hi, I have working gitblit setup and suddenly started getting auth failure

Caused by: org.eclipse.jgit.errors.TransportException: ssh://gitblit-service.fico-fa-tenant-1emg29qaa8-design-falconx.svc.cluster.local:29418/configrepo.git: Auth fail

at org.eclipse.jgit.transport.JschConfigSessionFactory.getSession(JschConfigSessionFactory.java:192) ~[org.eclipse.jgit-5.1.3.201810200350-r.jar:5.1.3.201810200350-r]

at org.eclipse.jgit.transport.SshTransport.getSession(SshTransport.java:140) ~[org.eclipse.jgit-5.1.3.201810200350-r.jar:5.1.3.201810200350-r]

at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:280) ~[org.eclipse.jgit-5.1.3.201810200350-r.jar:5.1.3.201810200350-r]

at org.eclipse.jgit.transport.TransportGitSsh.openFetch(TransportGitSsh.java:170) ~[org.eclipse.jgit-5.1.3.201810200350-r.jar:5.1.3.201810200350-r]

at org.eclipse.jgit.transport.FetchProcess.executeImp(FetchProcess.java:137) ~[org.eclipse.jgit-5.1.3.201810200350-r.jar:5.1.3.201810200350-r]

at org.eclipse.jgit.transport.FetchProcess.execute(FetchProcess.java:123) ~[org.eclipse.jgit-5.1.3.201810200350-r.jar:5.1.3.201810200350-r]

at org.eclipse.jgit.transport.Transport.fetch(Transport.java:1271) ~[org.eclipse.jgit-5.1.3.201810200350-r.jar:5.1.3.201810200350-r]

at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:243) ~[org.eclipse.jgit-5.1.3.201810200350-r.jar:5.1.3.201810200350-r]

Caused by: com.jcraft.jsch.JSchException: Auth fail

Giltblit logs says: 2021-12-09 11:03:05 [INFO ] admin has not added any public keys for ssh authentication

i removed old id_rsa.pub from admin_keys file and added again and it started working.

sshpass -p $GITBLIT_PASSWORD ssh -l admin -p 29418 $GIT_POD_NAME keys remove ALL cat /etc/secret-volume/id_rsa.pub | ssh -l admin -p 29418 $GIT_POD_NAME keys add

What could be the issue here and how to resolve it ?

flaix commented 2 years ago

Which Git client are you using? Did you check on the server if no key was existent?

Dinesh123 commented 2 years ago

it was there , It was my working setup. Gitlblit is deployed as kubernetes pod. Spring cloud config client (Jgit) connect to gitblit pod as client.

flaix commented 2 years ago

Well, this is weird

The message in the log comes from the SSH authenticator. It happens when no public keys can be retrieved from a cached list of keys for a user. The cache expires every 15 minutes, so the keys need to be reloaded into the cache from disk, when a key is accessed for the user, after 15 minutes.

If you checked that the admin_keys file existed on the server and contained your public key (the key was physically present on the server), then something could have gone when loading the keys. Did you see the message loading ssh keystore for admin? That would be the key manager loading the file. If that failed with an I/O error, an exception should be visible in the log.

If you checked the Gitblit WebUI and found the key in the SSH keys tab of the user's profile, then I have no clue how this would happen, because this uses the same cached list as the authenticator.