Cannot clone with built-in SSH server #2609

Closed
opened 2025-11-02 04:41:57 -06:00 by GiteaMirror · 6 comments

Originally created by @lfdmn on GitHub (Dec 4, 2018).

  • Gitea version (or commit ref): 3786369
  • Git version: 1.8.3.1
  • Operating system: CentOS 7 on RaspberryPi 3+
  • Database (use [x]):
    • [ ] PostgreSQL
    • [* ] MySQL
    • [ ] MSSQL
    • [ ] SQLite
  • Can you reproduce the bug at https://try.gitea.io:
    • [ ] Yes (provide example URL)
    • [ * ] No
    • [ ] Not relevant
  • Log gist:
```
1970/01/01 00:04:50 [I] Log Mode: File(Info)
1970/01/01 00:04:50 [I] XORM Log Mode: File(Info)
1970/01/01 00:04:50 [I] Cache Service Enabled
1970/01/01 00:04:50 [I] Session Service Enabled
1970/01/01 00:04:51 [I] Git Version: 1.8.3.1
1970/01/01 00:04:51 [I] SQLite3 Supported
1970/01/01 00:04:51 [I] Run Mode: Production
1970/01/01 00:04:51 [I] SSH server started on :2222. Cipher list ([aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com arcfour256 arcfour128]), key exchange algorithms ([diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 curve25519-sha256@libssh.org]), MACs ([hmac-sha2-256-etm@openssh.com hmac-sha2-256 hmac-sha1 hmac-sha1-96])
1970/01/01 00:04:54 [I] Listen: http://0.0.0.0:3000
```

Description

Gitea runs fine and HTTP clone works. The daemon is started with systemd and run as a "git" user. I'm not able to clone any repo using SSH.

I have the following config:

```
[server]
SSH_PORT         = 2222
START_SSH_SERVER = true
```

On the first run with the built-in server, Gitea wouldn't start because it could not create the gogs private key (permission denied error). So I generated it by hand with the same command as in the source code.

From the previous log we can see now the internal SSH server is started.

I have added my user's public SSH key to Gitea's user settings, opened the firewall port 2222/tcp.

If I don't record my public key, I get an SSH authentication error in gitea.log, which is normal and tells me the server is running:

```
1970/01/01 09:04:16 [...a/modules/ssh/ssh.go:140 func1()] [E] SSH: Error on handshaking: [ssh: no auth passed yet]
```

Now with the user's certificate added, I don't get any authentication error, meaning the certificate is found, but I also don't get any messages in the logs and the clone eventually times out.

In doubt, I have disabled the firewall and SELinux. It doesn't change a thing.

I get the same problem with public and private repositories. I checked that file permissions and group for the repositories are fine, and I'm able to create repositories and add wiki pages.

nmap shows Gitea is listening on 2222:

```
# nmap -sT -O localhost
...
Not shown: 992 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
443/tcp  open  https
2222/tcp open  EtherNet/IP-1
...
```

I've also tried starting Gitea manually (not from systemd) from the command line after switching to the git user; same symptoms.

I ran out of ideas.

GiteaMirror added the issue/stale and issue/needs-feedback labels 2025-11-02 04:41:57 -06:00

@fragfutter commented on GitHub (Dec 4, 2018):

If I remember correctly, Gitea will spawn git binaries for the actual work. So you need to install the git package on the Gitea server.


@lafriks commented on GitHub (Dec 4, 2018):

Did you check the SELinux audit log?


@lfdmn commented on GitHub (Dec 13, 2018):

@fragfutter yes, Git is installed and I can clone / push / pull via HTTP.

@lafriks I checked. There's nothing Gitea-related there.


@stale[bot] commented on GitHub (Feb 11, 2019):

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.


@lunny commented on GitHub (Feb 11, 2019):

Closed now and feel free to reopen it.


@ryanburnette commented on GitHub (Apr 18, 2019):

Add an additional line of `Port 2222` to your `sshd_config`
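
A diagnostic for the situation in this thread, added here as an example (it is not code from the issue or from Gitea): the nmap output only shows that something accepts connections on 2222, while the SSH identification string shows which server it is, for instance Gitea's built-in Go server or an OpenSSH `sshd` bound to the same port. The address `localhost:2222` comes from the issue's config; treating `SSH-2.0-Go` as the built-in server's banner assumes the golang.org/x/crypto/ssh default is left unchanged.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"net"
	"strings"
	"time"
)

// readIdent returns the SSH identification string (RFC 4253, section 4.2).
// A server may send other lines first; only a line starting with "SSH-" counts.
func readIdent(r io.Reader) (string, error) {
	br := bufio.NewReader(io.LimitReader(r, 8192)) // bound how much a peer can send
	for {
		line, err := br.ReadString('\n')
		if line = strings.TrimRight(line, "\r\n"); strings.HasPrefix(line, "SSH-") {
			return line, nil
		} else if err != nil {
			return "", fmt.Errorf("no SSH identification string: %w", err)
		}
	}
}

// classify names the server from the softwareversion field.
// Assumption: an x/crypto/ssh server at library defaults sends "SSH-2.0-Go".
func classify(ident string) string {
	parts := strings.SplitN(ident, "-", 3) // SSH, protoversion, softwareversion[ comments]
	if len(parts) < 3 {
		return "malformed"
	}
	sw := strings.SplitN(parts[2], " ", 2)[0]
	if strings.HasPrefix(sw, "OpenSSH") {
		return "openssh"
	} else if sw == "Go" {
		return "go-x-crypto-ssh"
	}
	return "other:" + sw
}

func main() {
	conn, err := net.DialTimeout("tcp", "localhost:2222", 5*time.Second) // SSH_PORT from the issue
	if err != nil {
		fmt.Println("connect failed:", err)
		return
	}
	defer conn.Close()
	conn.SetDeadline(time.Now().Add(5 * time.Second))
	ident, err := readIdent(conn)
	fmt.Printf("ident=%q kind=%s err=%v\n", ident, classify(ident), err)
}
```

A result of `openssh` on port 2222 means the system `sshd`, not Gitea's built-in server, is the process answering clone attempts there.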


Reference: github-starred/gitea#2609