Search code examples
linuxsecuritygitgitosispublic-key-encryption

Git "ERROR:gitosis.serve.main:Repository read access denied" when using public keys

I have setup a git server using gitosis and everything was going fine. I decided to switch to using public keys for security reasons. I generated my key on my computer using this command.

ssh-keygen -t rsa -C "email@address.com"

I then added the public key to the keydir and included the key in my gitosis.conf file. I committed the changes and uploaded them to the server. When I tried to pull the changes in my git repo it gave me this error.

Error

sfa-e1505-dn:VIIAD stefanbossbaly$ git pull
DEBUG:gitosis.serve.main:Got command "git-upload-pack 'git/VIIAD.git'"
DEBUG:gitosis.access.haveAccess:Access check for 'mac' as 'writable' on 'git/VIIAD.git'...
DEBUG:gitosis.access.haveAccess:Stripping .git suffix from 'git/VIIAD.git', new value 'git/VIIAD'
DEBUG:gitosis.group.getMembership:found 'mac' in 'app-dev'
DEBUG:gitosis.group.getMembership:found 'mac' in 'test'
DEBUG:gitosis.access.haveAccess:Access check for 'mac' as 'writeable' on 'git/VIIAD.git'...
DEBUG:gitosis.access.haveAccess:Stripping .git suffix from 'git/VIIAD.git', new value 'git/VIIAD'
DEBUG:gitosis.group.getMembership:found 'mac' in 'app-dev'
DEBUG:gitosis.group.getMembership:found 'mac' in 'test'
DEBUG:gitosis.access.haveAccess:Access check for 'mac' as 'readonly' on 'git/VIIAD.git'...
DEBUG:gitosis.access.haveAccess:Stripping .git suffix from 'git/VIIAD.git', new value 'git/VIIAD'
DEBUG:gitosis.group.getMembership:found 'mac' in 'app-dev'
DEBUG:gitosis.group.getMembership:found 'mac' in 'test'
ERROR:gitosis.serve.main:Repository read access denied
fatal: The remote end hung up unexpectedly

gitosis.conf

[gitosis]

loglevel = DEBUG

[group app-dev]
writable = VIIAD android-backend
members = home mac

[group test]
writable = test
members = home mac

[group gitosis-admin]
members = home
writable = gitosis-admin mac

Notice that I already have a key "home" and it is working fine. The "mac" key is giving me problems. Does anyone know how to solve this problem?

Solution

  • Connect using ssh -vvvv yourgitserver to see what key is getting served up. You can control which key is given and make aliases for your server to give different keys to the same machine via the ~/.ssh/config file.

    Hope this helps.

    As an aside, use gitolite instead. It's actively developed and maintained; gitosis is not.