-
-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gitea update breaks SSH even though no config was ever touched #20690
Comments
the log states the following issue: Authentication refused: bad ownership or modes for directory /data/git/.ssh But the ownership and read/write rights are correct... and haven't changed |
the files are owned by the right person and no other have permissions. When I delete the whole .ssh folder and gitea creates it anew, the folder created is set to root/root which Gitea then can't write to and crashes with error 500 trying to write a key to the folder. Obviously 1.17 is bugged |
if I now restart the server it will fix the folder and file permissions to how they should be and a new authorized_keys can be created when I add the key. This file and everything was again created fresh by gitea itself and when you try to connect via ssh it still errors out |
What is the output of |
|
I made a fresh install on 1.17, which worked for a while. But now it is having the exact same problem as before, with permission errors when it tries to read the SSH key despite its permissions being correct as we established while troubleshooting the issue on Discord. I think 1.17 is flawed |
How long could the container work normally? And did you do any special operations? |
around a week and nothing was done server wise. Prior to 1.17 I never had such issues with Gitea. |
"which worked for a while": then it means that Gitea doesn't likely have a problem. Maybe there are other programs changing the filesystem. See my comments in #20570 (comment) You should figure out why the permission changes inside docker if it is the case. Maybe your Unraid does something to the filesystem? I could not guess. |
then tell me why I only see this problem from 1.17 forward? I already checked permissions and they are not changed. The file permission error is despite the file being owned by the gitea user and having the right permissions. I explained this earlier. There is nothing for me to fix with the permissions, it is gitea not reading them proper |
I think you are asking a wrong question. If you google "Authentication refused: bad ownership or modes for directory", you will see that the message comes from OpenSSH, not from Gitea. OpenSSH could be more strict with new versions, just a guess. Do you think OpenSSH's code is incorrect? If so, please suggest them to fix the bug. https://github.com/openssh/openssh-portable/search?q=bad+ownership+or+modes+for+directory and https://github.com/openssh/openssh-portable/blob/b98a42afb69d60891eb0488935990df6ee571c4d/misc.c#L2216 I can understand that you thought that "It worked before", but I couldn't guess what happened on your side, I can not provide more help. |
I will gladly provide all information if asked. But telling people to check their permissions not excepting the fact that all permissions are correct is what gets annoying. I provided screenshots of all file and folder permissions I was asked for on the gitea discord and the reply was they are set correctly, but gitea is not accepting them. The reply there was "no idea why". And this is hardly the only service I use that packages openssh and still the only one I have this problem with Keep deflecting blame while people are reporting problems since last version. I'll check out alternatives to gitea |
I think I have explained very clearly. Please collect the information inside the container. Have you ever told people what the |
yes. With screenshots :) see above |
Where is it ...... I can not see or understand. Sorry, maybe I am not qualified to help, I am just an open source contributor in my free time ........ |
fixed it by switching to gitlab |
Well, you only provided the I really have no idea where is your report about your |
in the Gitea Discord |
I'm also interested into the pictures with filesystem rights and how they are mounted into docker. I'm just user, but I can check it against my configuration. |
see Gitea Discord then. Bye |
@Draic My 2 cents: its nice that you have sent some information in the discord group, but that is first of all unsearchable, and then you didn't either post links to your discord uploads to this issue, which is for tracking progress, so it would be (and actually is) pretty hard for maintainers to follow where did you upload what. |
Description
since updating the container to 1.17 I can't connect to my repositories via SSH. I always end up with a
Permission denied (publickey). fatal: Could not read from remote repository.
I read that 1.17 changed what ssh configs are read, but I never touched any of these. Even if I remove and add my SSH key in in the interface, the key is still getting rejected since the update. Sadly the database version change denies me from just running an older gitea version until this issue gets resolved
Gitea Version
1.17.0
Can you reproduce the bug on the Gitea demo site?
No
Log Gist
No response
Screenshots
No response
Git Version
No response
Operating System
unraid
How are you running Gitea?
docker: https://registry.hub.docker.com/r/gitea/gitea
Database
SQLite
The text was updated successfully, but these errors were encountered: