Gitolite: unable to login with new ssh keys?

Question

Recently i added new ssh key to gitolite admin project, i am unable authenticate with ssh keys it is asking shell password.

I am able authenticate with old keys.
Any idea i have already refereed gitolite page and ssh lint option also.

This problem is specific to new keys only.

Adding 2 server logs

Old server (admin anil.golla)

==================
2016-01-08.18:24:26 2914    ssh ARGV=anil.golla SOC=git-receive-pack '/gitolite-admin'  FROM=172.30.10.240
2016-01-08.18:24:26 2914        trigger,Mirroring,input,INPUT
2016-01-08.18:24:26 2914        access(gitolite-admin, anil.golla, W, 'any'),-> refs/heads/personal/anil.golla/
2016-01-08.18:24:26 2914        trigger,Writable,access_1,ACCESS_1,gitolite-admin,anil.golla,W,any,refs/heads/personal/anil.golla/
2016-01-08.18:24:26 2914    pre_git gitolite-admin  anil.golla  W   any -> refs/heads/personal/anil.golla/
2016-01-08.18:24:26 2914        trigger,Mirroring,pre_git,PRE_GIT,gitolite-admin,anil.golla,W,any,git-receive-pack
2016-01-08.18:24:26 2914        pre_git() on refbaroda
2016-01-08.18:24:26 2914        mirror,pre_git,gitolite-admin,user=anil.golla,sender=,mode=master
2016-01-08.18:24:26 2914        system,git,shell,-c,git-receive-pack '/home/gitadmin/repositories/gitolite-admin.git'
2016-01-08.18:24:26 2914        update,gitolite-admin,anil.golla,W,refs/heads/master,3087ed57cbf373970107857a2aeca2adf3cd446f,4139b07d2ca88925fc460bba64077939a25ba688
2016-01-08.18:24:26 2914        trigger,RefexExpr,access_2,ACCESS_2,gitolite-admin,anil.golla,W,refs/heads/master,refs/heads/master,3087ed57cbf373970107857a2aeca2adf3cd446f,4139b07d2ca88925fc460bba64077939a25ba688
2016-01-08.18:24:26 2914        -> refs/heads/master
2016-01-08.18:24:26 2914    update  gitolite-admin  anil.golla  W   refs/heads/master   3087ed57cbf373970107857a2aeca2adf3cd446f    4139b07d2ca88925fc460bba64077939a25ba688
2016-01-08.18:24:27 2914        post-up,refs/heads/master
2016-01-08.18:24:27 2914        system,gitolite compile
2016-01-08.18:24:27 2914        system,gitolite trigger POST_COMPILE
2016-01-08.18:24:27 2914        system,/home/gitadmin/bin/triggers/post-compile/ssh-authkeys,POST_COMPILE
2016-01-08.18:24:29 2914    die fingerprinting failed for 'keydir/pranav.talla.pub'
2016-01-08.18:24:29 2914        system() failed,/home/gitadmin/bin/triggers/post-compile/ssh-authkeys,POST_COMPILE,-> 6400
2016-01-08.18:24:29 2914        system() failed,gitolite trigger POST_COMPILE,-> 6400
2016-01-08.18:24:29 2914        trigger,Mirroring,post_git,POST_GIT,gitolite-admin,anil.golla,W,any,git-receive-pack
2016-01-08.18:24:29 2914        post_git() on refbaroda
2016-01-08.18:24:29 2914        mirror,post_git,gitolite-admin,user=anil.golla,sender=,mode=master
2016-01-08.18:24:29 2914    END
2016-01-08.18:24:29 2914        system,/home/gitadmin/bin/commands/mirror,push,gitslave,gitolite-admin
2016-01-08.18:24:29 2914        system,/home/gitadmin/bin/commands/mirror,push,refpune,gitolite-admin
2016-01-08.18:24:29 2914        system,/home/gitadmin/bin/commands/mirror,push,refchicago,gitolite-admin

===============================================================

New Server   (admin id d.deepak)
2016-01-08.18:30:18     1698    ssh     ARGV=d.deepak   SOC=git-receive-pack '/gitolite-admin.git'      FROM=10.81.124.12
2016-01-08.18:30:18     1698    pre_git gitolite-admin  d.deepak        W       any     refs/.*
2016-01-08.18:30:18     1698            system,git,shell,-c,git-receive-pack '/home/test1/repositories/gitolite-admin.git'
2016-01-08.18:30:18     1698    update  gitolite-admin  d.deepak        W       refs/heads/master       2b1ad8f3a735926bb170f52f0a64321ef9fe5f8e        2431f8d59d9dc5ae0920736d5618365ab350f669     refs/.*
2016-01-08.18:30:18     1698            system,gitolite compile
2016-01-08.18:30:18     1698            system,gitolite trigger POST_COMPILE
2016-01-08.18:30:18     1698            system,/home/test1/gitolite/src/triggers/post-compile/ssh-authkeys,POST_COMPILE
2016-01-08.18:30:19     1698            system,/home/test1/gitolite/src/triggers/post-compile/update-git-configs,POST_COMPILE
2016-01-08.18:30:19     1698            system,/home/test1/gitolite/src/triggers/post-compile/update-gitweb-access-list,POST_COMPILE
2016-01-08.18:30:19     1698            system,/home/test1/gitolite/src/commands/access,%,gitweb,R,any
2016-01-08.18:30:19     1698            system,/home/test1/gitolite/src/commands/git-config,-r,%,gitweb\.
2016-01-08.18:30:19     1698            system,/home/test1/gitolite/src/triggers/post-compile/update-git-daemon-access-list,POST_COMPILE
2016-01-08.18:30:19     1698            system,/home/test1/gitolite/src/commands/access,%,daemon,R,any
2016-01-08.18:30:19     1698    END

score 1 · Accepted Answer · edited May 23 '17 at 12:31

It turns out (after 50+ comments) that pushing keys to the production server errors: "die fingerprinting failed for".

I have seen that error in:

"gitolite-admin trigger POST_COMPILE failed" (no disk space left)
"Can not add user with Gitolite (centos)": wrong ssh key generation.
It should be:

ssh-keygen -t rsa -f "${H}/.ssh/test" -C "Gitolite Admin access (not interactive)" -q -P ""
"Getting fatal: object is corrupted when pushing to a remote repo", which pinpoints the origin of that error message.
And mentions a change to the key fingerprint format in OpenSSH at version 6.8, and you need the latest gitolite (3.6.3+) to be able to cope with the new format.

score 0 · Answer 2 · answered Jan 07 '16 at 11:03

0

Create a SSH config file

When you have multiple identity files, create a SSH config file mechanisms to create aliases for your various identities.

You can construct a SSH config file using many parameters and different approaches.

The format for the alias entries use in this example is:
Host alias 
  HostName bitbucket.org 
  IdentityFile ~/.ssh/identity
To create a config file for two identities (workid and personalid), you would do the following:

Open a terminal window.
Edit the ~/.ssh/config file.

If you don't have a config file, create one.
Add an alias for each identity combination for example:

Host workid
HostName bitbucket.org
IdentityFile ~/.ssh/workid

Host personalid
HostName bitbucket.org
IdentityFile ~/.ssh/personalid

PS

Don't forget to load the keys to your gitolite account.

answered Jan 07 '16 at 11:03

CodeWizard

128,036
21
144
167

actual problem: i am admin of git and i every day i add new keys to server. from yesterday it self behaving abnormal. i added key of new user it straight away asking shell password. if you want i will provide verbose also Thanks, – Anil Kumar Jan 07 '16 at 11:08
I added 3 keys yesterday all are failing – Anil Kumar Jan 07 '16 at 11:09
1. Have you verified that keys are valid? extra spaces etc. 2. have you added them to the server as well? – CodeWizard Jan 07 '16 at 11:10
yup keys are valid no extra spaces and i have added to server too – Anil Kumar Jan 07 '16 at 11:11
gone through that...see ssh authorized key file also command="/home/git/bin/gitolite-shell user name",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa – Anil Kumar Jan 07 '16 at 11:22

Gitolite: unable to login with new ssh keys?

2 Answers2

Create a SSH config file

PS