1

I am using LDAP mailid for authentication for example user@gitadmin.com and its corresponding password. The pub key which i have provided is gitolite.pub. Below is my gitolite.conf

repo gitolite-admin
    RW+     =   gitolite

repo testing
    RW+     =   @all

How does gitolite understands that the users key is as that of gitolite.pub and does further authorization. All my developers would be using their mailid for authentication. How can they get authorizad. What configuration change should i give? Help would be much appreciated. Thanks

Raptor
  • 53,206
  • 45
  • 230
  • 366
user2164525
  • 897
  • 1
  • 7
  • 18

1 Answers1

0

How does gitolite understands that the users key is as that of gitolite.pub

If your ssh url means that you are using gitolite/gitolite.pub, then gitolite will identify you as user "gitolite": see "How do programs like gitolite work?"

For that, you can define an ssh config file.

For LDAP, see "authentication versus authorisation": you have various way to link the authentication part to LDAP.

The bottom line in terms of how to invoke gitolite has been described above, and as long as you manage to do that gitolite won't even know how the authentication was done. Which in turn means you can use whatever authentication scheme you want.

That includes an LDAP authentication based on mail id if you want.

As long as the public key was named after their id (here a mail id), and published in gitolite, gitolite will identify them correctly.

my.name@email.com.pub
Community
  • 1
  • 1
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • @user2164525 you can compare it to my own config: https://github.com/VonC/compileEverything/blob/master/apache/env.conf.tpl#L95-L133 I would not define `REMOTE_USER` if I were you. – VonC Aug 30 '13 at 14:31
  • I am getting the below error now when trying to clone 0071ERR FATAL: R any gitolite-admin user@git.com DENIED by fallthru. I have added the config under .ssh also as below host user user hostname 10.55.168.18 identityfile ~/.ssh/gitolite – user2164525 Aug 31 '13 at 18:55
  • @user2164525 regarding an ssh config file, please read this example: http://stackoverflow.com/a/14134674/6309. In particular, '`host`' doesn't have to be the server name: it can be any string you want. And you need to use the scp syntax for the ssh url (as illustrated in the example I just linked). – VonC Aug 31 '13 at 19:51