_pygit2.GitError: Failed to authenticate SSH session: Unable to send userauth-publickey request
rhjensen79 opened this issue · comments
Hi.
Have you experienced this issue ?
Describe the bug
When using Gitfs2 for remote git repo, i keep getting errors.
When doing it via cli, it works fine, and i can see, that it's using the same ssh key files.
To Reproduce
Steps to reproduce the behavior:
Create new github repo
Create ssh key, without password
put the keys in the keys folder, and name them accordingly
restart container, and watcht the logs.
test using cli to clone the repo, using ssh, and verify it works.
Expected behavior
No errors in logs, and able to access the gitfs repo
Additional info
The full log with the outputted error.
Version report (please complete the following information):
- Host OS: Linux salt-statefulset-0 5.4.0-88-generic #99-Ubuntu SMP Thu Sep 23 17:29:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
- Docker: K8S 1.20
- Image tag: latest
Additional context
gitfs.conf
gitfs_provider: pygit2
gitfs_privkey: /home/salt/data/keys/gitfs_ssh
gitfs_pubkey: /home/salt/data/keys/gitfs_ssh.pub
gitfs_remotes:
- git@github.com:rhjensen79/salt.git:
- root: salt
- base: master
Hi @rhjensen79, thank you for opening this issue!
I'll try to figure out what is happening here this afternoon.
Thanks. Let me know if i can help in any way.
And know, that i can't promise it not a mistake by my part, but i have done all i could think off, before i created the issue.
A quick googling, showed some issues around ubuntu 20.04 and the gitpy2.
But the resolutions i found, did not work.
Thank you very much for your info!
I had some issues long time ago too.
First I'll try to reproduce the error. I'll let you know if I have troubles reproducing it.
This issue seems to be related with libgit2/pygit2#836
Some possible solutions that are commented in that issue are:
- Create the ssh key with
-m PEMparameter: libgit2/pygit2#836 (comment) - Change the length of the ssh key to be smaller than 4096 bits, for example to 2048: libgit2/pygit2#836 (comment)
Ok. So i have just tried both, without any luck.
Testet again, with the last one, where i change the key to 2048 bits, where i got errors.
The i tried a simple git clone with that key, and it worked perfect.
I'm thinking of trying a gitlab repo later. I can add a token to the url there, just to see if that works instead.
I will let you know.
I have found this issue from the salt repo: saltstack/salt#58898
Sometime ago I decided to install pygit2 package from ubuntu's repository since I tried it and it worked (#43), but it seems to fail in some situations.
I'm trying to build a newer image building and installing libssh2 and libgit2 from source and installing pygit2 1.7.0 with pip3.
I'll give you access to that image when I'm finished.
That is great :-)
thanks.
btw. just finished testing with a deploy token against a gitlab repo, and it works.
So it's isolated to ssh certificates.
Please, could you test this image: cdalvaro/docker-salt-master:pygit2?
Fantastic. It's working now.
Did a standard certificate with ssh-keygen and no pass and it worked, out of the box.
Thanks you so much for your help :-)
Do you want me to test/do anything else ?
Perfect!
I'll release a new image with these changes in the following days.
Thank you for reporting this bug!
Don't close the issue until the new image is available and tested!