1

I'm new at using gitolite and have been doing some tests and there is one thing I don't understand. When a user generates its key (say, "pablo") the id_rsa.pub needs to be renamed to "pablo.pub" because it says in the file content pablo@pc10 and hence the username needs to match the name of the file. This works.

Now the problem is that there is another username pablo in another pc (pc12). So I obviously can't add both keys to the keydir as they both have the same file name. I have tried to rename them to pablo@pc10.pub and pablo@pc12.pub, but this doesn't work (whenever they try to clone the repository it asks for the gitolite3 password, which should not happen). I have also edited the conf file to reflect that the user is pablo@pc10 and pablo@pc12 after the RW+ = sentence.

My question is, what am I doing wrong? How do I add multiple keys for the same username on different machines?

aarelovich
  • possible duplicate of [Gitolite One User - Many Keys - Different usernames](http://stackoverflow.com/questions/5733699/gitolite-one-user-many-keys-different-usernames) – musiKk Sep 05 '14 at 13:47
  • No, because I tried what it said in that thread and it did not work. – aarelovich Sep 05 '14 at 13:52
  • Furthermore the problem tried there is the same user in different machines. My problem is different users with the same usernames in different machines. – aarelovich Sep 05 '14 at 14:06
  • If it's different users, rename the files to include the last name. The name of the file is not tied to the username on the local machine nor to what the name@hostname stanza says in the public key file. – musiKk Sep 05 '14 at 14:10
  • You are right. This solved the problem. The thing was that this was the first thing we tried. And when it didn't work we assumed it was because the filename and user name needed to be the same, but the problem was something else apparently. Thank you for that. – aarelovich Sep 05 '14 at 14:42
  • Glad I could be of help. :) I formulated it as an answer. – musiKk Sep 05 '14 at 14:49

3 Answers

0

> How do I add multiple keys for the same username on different machines?

Those users will have to have different usernames on the gitolite server, as the username has to be unique, so they will have to be pablo1 and pablo2 and clone as `git clone pablo1@REPO` and `git clone pablo2@REPO`.

Emil Davtyan
  • I don't understand. The username is in their own workstations, not in the gitolite server. I can't change the filename to anything I want because it doesn't work. The problem is that the filename needs to be the workstation username with .pub. – aarelovich Sep 05 '14 at 13:54
  • @user792589 No, the username is what they specify when cloning the repo i.e. for example `git clone imyounow@REPO` marks me as `imyounow` not the user on my local workstation. – Emil Davtyan Sep 05 '14 at 13:56
  • As I understand it the username is the gitolite username which is always the same. – aarelovich Sep 05 '14 at 14:00
  • @user792589 I don't quite understand what you mean. It says here the username is taken from the ssh process "At a very high level, gitolite relies on sshd (or httpd if you're using the smart http mode) to authenticate the user and supply the username." http://gitolite.com/gitolite/gitolite.html#how-does-it-work – Emil Davtyan Sep 05 '14 at 14:08
  • @EmilDavtyan The documentation is a bit misleading. The username is taken from the command that is defined in `.ssh/authorized_keys`. This is automatically configured by gitolite. The correct command is taken from the public key the user provided. – musiKk Sep 05 '14 at 14:52
  • @musiKk Oh ok, I just remembered gitolite funneled all the users through the `git` user. – Emil Davtyan Sep 05 '14 at 15:20
0

Since the keys are for two different users who have the same name, the easiest solution would be to add something to the public key files' names that makes them unique again, such as the surname.

The name of the file is totally independent of the local user name or the contents; the connection is made solely based on the contents of the private key that is used for the SSH connection. In that regard I find the gitolite documentation a bit misleading.

You just have to use the new names in the gitolite configuration as well.

musiKk
0

http://gitolite.com/gitolite/gitolite.html#multi-key

"any number of subdirectory levels are OK) all resolve to user "pablo""

keydir/pablo.pub

keydir/pc12/pablo.pub

keydir/third_pablo/pc1713/pablo.pub

Timofey
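
As an added example (not part of any answer above and not gitolite's own code), this script models how a keydir path resolves to a gitolite user and lists every user that ends up with more than one key file, so an admin can check that each group really is one person. The mapping rule is an assumption taken from the multi-key documentation linked above; the function names and the sample listing, including the surname `garcia`, are constructed.

```shell
#!/bin/sh
# Model of the keydir-path -> gitolite user mapping. ASSUMPTION (taken from
# gitolite's multi-key documentation, not from gitolite's source): directories
# and ".pub" are dropped, and a trailing "@suffix" is dropped only when the
# suffix has no dot, so e-mail style names survive.
gitolite_user() {
    base=${1##*/}                 # keydir/pc12/pablo.pub -> pablo.pub
    base=${base%.pub}             # pablo.pub -> pablo
    case $base in
        *@*)
            suffix=${base##*@}
            case $suffix in
                '' | *.*) ;;                 # empty or dotted: keep as is
                *) base=${base%@*} ;;        # pablo@pc10 -> pablo
            esac ;;
    esac
    printf '%s\n' "$base"
}

# Read keydir paths on stdin and print "user<TAB>path" for every user that
# owns more than one key file. Each such group shares one set of access rules.
shared_identities() {
    while IFS= read -r path; do
        if [ -n "$path" ]; then
            printf '%s\t%s\n' "$(gitolite_user "$path")" "$path"
        fi
    done | awk -F'\t' '
        { n[$1]++; rows[$1] = rows[$1] $0 "\n" }
        END { for (u in n) if (n[u] > 1) printf "%s", rows[u] }' | sort
}

# Constructed sample listing; on a real admin clone use: find keydir -name "*.pub"
sample_keydir() {
    cat <<'EOF'
keydir/pablo.pub
keydir/pc12/pablo.pub
keydir/pablo@pc10.pub
keydir/pablo_garcia.pub
keydir/pablo@example.com.pub
EOF
}

sample_keydir | shared_identities
```

Under the assumed rule, the first three sample files all resolve to user `pablo`, while `pablo_garcia.pub` and `pablo@example.com.pub` stay separate users and must be named that way in the conf file.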