TortoiseGIT + Gitolite 3

Question

I've just set up a git + Gitolite server on debian, generated a key pair on my workstation (Windows) with puttygen and register the first pub key using on the server

gitosis setup -pk firstuser.pub

Then I use TortoiseGit to clone the gitolite-admin repo, using url : git@git.myserv.com:gitolite-admin and tel Tortoise to use firstuser.ppk as private key. It works fine until this point.

Then I want to test adding a user and creating a new repo on my workstation.

I add in the conf file a section :

repo testcreation
    RW+     =   seconduser

I generate on my workstation a second ssh key pair for seconduser. Just put the seconduser.pub in keydir/ commit and push the new config.

Config seam to be alright, my new user pub key added to ~/.ssh/authorized_keys of the git user on server side.

I set up a new repo on my workstation with Tortoise, add a new remote :

 name : origin
 url : git@git.myserv.com:testcreation
 Putty Key : seconduser.ppk

And then push to create repo

TortoiseGit Log :

git.exe push --all --progress  "origin"

FATAL: W any testcreation firstuser DENIED by fallthru
(or you mis-spelled the reponame)
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.


git did not exit cleanly (exit code 128) (1591 ms @ 12/02/2014 12:20:17)

Why does Gitolite identify me as firstuser when I send the senconduser private key ? Does it have something to do with the fact I use two different key on the same workstation ?

Answer 1

Well, I found out how to resolve my problem.

Note that my workstation is under Windows

The fact is, TortoiseGit is not using OpenSSH as SSH Client but Putty. It really is bothering in my case because TortoiseGit with Plink (putty) can not handle 2 private keys to authenticate 2 different Gitolite users from the same workstation to a single user@host (in my case firstuser and seconduser) using putty as ssh client.

Note that in real life, you probably won't need to use 2 different ssh authentification on the same workstation, I only needed that to do 'tests'.

The issue is putty is, as far as I see, registering 1 key per user@host (git@git.myserv.com), I needed two key...I figured that out after using git bash (and openSSH) using ssh config file in %HOMEDRIVE%%HOMEPATH%\.ssh\config

Here is my config :

Host gitfirstuser
HostName git.myserv.com
User git
IdentityFile ~/.ssh/firstuser@git.myserv.com

Host gitseconduser
HostName git.myserv.com
User git
IdentityFile ~/.ssh/seconduser@git.myserv.com

where firstuser@git.myserv.com and seconduser@git.myserv.com are private key file in OpenSSH key format

After that, I could clone testcreation.git without any trouble using git bash

git clone gitseconduser:testcreation

and so push, pull, etc...

But when you have some GUI fanboy, git bash is just a nightmare, so here is the solution in TortoiseGit to make it use a REAL ssh client :

Open TortoiseGit Settings :

> Network section > SSH Client input > Browse...

Look up for ssh.exe in msysgit installation directory, in my case :

C:\Program Files\Git\bin\ssh.exe

Once you changed the ssh client to ssh.exe you can fully take advantage of your ssh config file.

For exemple :

in your %HOMEDRIVE%%HOMEPATH%\.ssh\config

Host ssh_host_1
HostName git.myserv.com
User git
IdentityFile ~/.ssh/ssh_host_1_keyfile

In TortoiseGit when adding a remote, or cloning use the following url :

ssh_host_1:repository_name

No need to look for a private key file, openssh will do the identification according to ssh_host_1 section