9

This week I set up an new GitLab server. It is running.
Yesterday I forced him to be reachable via HTTPS for secure communication.

In Eclipse I generated an RSA-Key via the preferences.

But if I try to import an Git-Project (git@DOMAIN:GROUP/PROJECT.git) then:

  1. without password filled in, I got the response: Auth fail: Invalid password or missing SSH key.

  2. with my password filled in (but git username), I got the response: 

    Auth fail: Invalid password or missing SSH key.

  3. with my user & password, I got the response: 

    Auth fail: Invalid password or missing SSH key.

Via HTTPS I get the response: 

cannot open git-upload-pack

Please, what do I don't see?

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
lippoliv
  • 727
  • 2
  • 11
  • 28

3 Answers3

3

From my answer from here:

I faced the same issue while migrating my project from github to bitbucket and this is how I resolved it:

Introduction: I will describe the ssh key usage here. A user generates a unique key to connect to remote machines using ssh. So you can create it locally. After, user uploads the keys to the remote machines where want to connect without password and more securely. On Git, the same thing happens, user creates a ssh key and uploads the generated key value to the git system providers like Github or Birbucket. After uploading your unique key, you must configure your development environment to let your git system provider communicate providing security over ssh key.

1) I was using ssh key to push my commits to remote with github in eclipse, the ssh key is set at window -> preferences -> General -> Network Connections -> SSH2 for eclipse (on git pushes, this ssh key is used if set). If you do not have any ssh keys on your machine then follow this article to generate one for you and set it into eclipse at the path above.

2) In your github or bitbucke account, find the screen where you can save your ssh key. For bitbucket, it is at https://bitbucket.org/account/user/[user-name]/ssh-keys/. '[user-name]' here is your user name at bitbucket. Open your 'id_dsa.pub' file (where you generated your ssh key) with a text editor, select all, copy and paste into your github/bitbucket accounts' ssh key addition section and then click add.

3) At eclipse, be sure to use the 'ssh' GIT URI for your project. Go to Window -> Preferences -> Team -> Git -> Configuration, click 'Repository Settings' tab and paste your GIT ssh URI to remote.origin.url.

Bitbucket ssh uri selection

4) Finally try to push your commits to remote. You mustn't face any errors, if you have please comment under my answer.

Regards...

Community
  • 1
  • 1
Bahadir Tasdemir
  • 10,325
  • 4
  • 49
  • 61
1

Recently, I did have similar issues with GitLab but fixed it with:

First, I generated the ssh-rsa by using the MAC-OSX CLI and exported to GitLab. Git CLIs were working but no luck from Eclipse.

Then, I went to Eclipse > Preferences... > General > Network Connections > SSH2, Key Management tab, I regenerated the key from Eclipse but using the "Generate RSA key..." button. It had "RSA-1024" at the end, and exported to GitLab.

Stephen Rauch
  • 47,830
  • 31
  • 106
  • 135
JohnRossy
  • 63
  • 5
  • I had the same symptoms: works great from command line but fails in Eclipse with "Incorrect password or missing SSH key." Strangely, the key generated from the command line fails when I run `openssl rsa -text -noout -in id_rsa` with a message that's too long for this box. However, when I generate the key with Eclipse, it works fine. Even when I specify bit length and type explicitly, it still fails at the command line. – bmauter Aug 03 '19 at 21:04
0

https and ssh are two different communication protocols.

If you want to access your GitLab repos with https url, you should use https url:

https://yourLogin@DOMAIN/group/project.git

If you are using git@DOMAIN:GROUP/PROJECT.git, it is an ssh url.

Now: ssh cloning should work provided you have correctly setup your SSH id_rsa and id_rsa.pub in your Eclipse: see EGit SSH configuration.
Make sure:

  • your private key isn't password protected at first.
  • your public key (id_rsa.pub) is published on your GitLab profile
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Yep, I know. but it doesn't matter if I use the SSH-URL or HTTPS-URL, both failing. My question is: why? What can possibly break the checkout via SSH or HTTPS? – lippoliv Jan 09 '14 at 09:38
  • @lippoliv I have edited the answer to address the ssh part. An ssh url won't involve your "username and password", but always a public and private key. – VonC Jan 09 '14 at 10:30
  • thanks. Now it seems to be more clearly :) But what exactly do you mean by "your private key isn't password protected at first". Shouldn't I set an passphrase? – lippoliv Jan 09 '14 at 10:52
  • @lippoliv you can consider setting a passphrase. All I am saying is to *not* set a passphrase *a first*, in order to test your ssh settings without having to worry about said passphrase. If that work, then you can replace your public/private key with one passphrase-protected if you want. – VonC Jan 09 '14 at 11:32
  • Hey VonC, I think something is wrong to my config... I did what you sayed, heres the result (direct from git bash): git clone git@URL.TLD:GROUP/PROJECT.git Cloning into 'PROJECT'... Access denied. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. git clone myuser@URL.TLD:GROUP/PROJECT.git Cloning into 'PROJECT'... myuser@URL.TLD's password: [filling in correctly] Permission denied, please try again. – lippoliv Jan 10 '14 at 07:26
  • git clone https://URL.TLD/GROUP/PROJECT.git Cloning into 'PROJECT'... fatal: unable to access 'https://URL.TLD/GROUP/PROJECT.git/': SSL certificate problem: unable to get local issuer certificate Any ideas? – lippoliv Jan 10 '14 at 07:30
  • @lippoliv an https url means you have a ssl certificate in place, as in https://github.com/gitlabhq/gitlab-recipes/tree/master/install/centos#nginx. And your config should reflect that (https://github.com/gitlabhq/gitlabhq/blob/0d3f1a2d58cf19f3b07fdfecb7ee3a41d442a81d/config/gitlab.yml.example#L20). – VonC Jan 10 '14 at 07:51
  • I do have an official valid "Login SSL"-Certificate bought an set in place. I can access my GitLab via HTTPS, also my Jenkins without an warning. CN = PositiveSSL CA 2 O = COMODO CA Limited L = Salford S = Greater Manchester C = GB It is configurated in nginx successfully, do I have to configure it explicitly to GIT? – lippoliv Jan 10 '14 at 07:57
  • @lippoliv if it is a certificate from your company, then yes, you need to copy-paste its CA (Certificate Authority) and intermediate certificates to your `/bin/curl-ca-bundle.crt` – VonC Jan 10 '14 at 08:31
  • @lippoliv As for ssh access (which you can try to debug first, and which need to be accessible: https://github.com/gitlabhq/gitlab-recipes/tree/master/install/centos#8-configure-the-firewall), you can check the Troubleshooting guide, and see if anything there could apply to your situation: https://github.com/gitlabhq/gitlab-public-wiki/wiki/Trouble-Shooting-Guide – VonC Jan 10 '14 at 08:33