search for: gitolites

Hi everyone, we are suddenly having a problem with executing our backup jobs. For a long time, we have used a shell script which contains the following code to backup all our virtual machines: for domain in Testserver Faktura Fileserver Gitolite Jenkins Nexus SimpleHelp VpnGateway Wiki; do echo -n "$(date +"%Y-%m-%d %H:%M:%S") starting backup for vm

I'm trying to get an Archlinux guest running on a Archlinux host. Everything works except ethernet. When I boot the host, --- # dmesg |tail [ 8.265493] Bridge firewalling registered [ 8.514547] IPv6: ADDRCONF(NETDEV_UP): virbr0: link is not ready [ 8.645303] ip6_tables: (C) 2000-2006 Netfilter Core Team --- Then I do --- # virsh -c lxc:/// start gitolite Domain gitolite started #

When using client certificate authentication, is there any way to extract the key ID from the certificate in a force command on the server? I would like to be able to configure Gitolite [1] with a certificate authority key and then use the key ID as the Gitolite user ID when a client connects. Currently I can achieve the same effect by embedding the username in a "force-command"

Hi all, Apologies if this has been dealt with before, but I haven''t managed to find an answer yet. I have a working "dynamic environments" setup: * A gitolite repository (on a dedicated host) with multiple branches - one for each environment. * I use r10k ro deploy the environments on the master to $confdir/environments/$::environment. This all works *really* well, but I

Nico Kadel-Garcia <nkadel at gmail.com> writes: > Dag-Erling Sm?rgrav <des at des.no> writes: > > Some OS distributions (FreeBSD, RHEL / CentOS, probably Fedora) have > > X11Forwarding enabled by default. > I'm not sure I see your point. With X11Forwarding off by default, one would assume that it is only enabled on a case-by-case basis for users or groups who

I want to login in remote server, git server, with two accounts (mars and gitolite) without password. e.g. (steps) 1. ssh-keygen? # no password 2. scp .ssh/id_rsa.pub gitolite at gitserver:/tmp/ 3. ssh gitolite at gitserve 4. cat /tmp/id_rsa.pub >> .ssh/authorized_keys 5. exit Then, do : ssh gitolite at gitserver ls But error message occurs:? Permission denied

...vhosting: Match User git LocalAddress 11.22.33.44 User git-a Match User git LocalAddress 11.22.33.55 User git-b So one would have e.g. two domains, pointing to different IPs, which however both go to the same physical host (and thus sshd). In that example it would be desired, that the two git/gitolites are completely separate, i.e. no shared "usernames" (which they implement via ssh keys), no shared repositories between the two domains and so on. Right now, one would need two different user accounts for this, and two different git/gitolite installations. But this in turn "breaks&q...

Hi guys, It might be nice if AuthorizedKeysCommand would receive the fingerprint of the offered key as an argument, so that programs like gitolite could implement more refined key-based identity lookup that offers better performance than AuthorizedKeysFile's linear scan. The following patch is untested but is the basic idea: diff -ru openssh-6.2p1/auth2-pubkey.c

Hey, I use gitolite for git hosting on my server, and because I want to use kerberos authentication I patched OpenSSH to put the name of the kerberos principal name or the ssh fingerprint as environment variables so my ForceCommand script can use them to actually authorize the user by the principal/fingerprint. It?s a bit annoying to keep my own patch and I thought it might be something

https://bugzilla.mindrot.org/show_bug.cgi?id=2063 Bug ID: 2063 Summary: RFE: export principal which was used for .k5login Classification: Unclassified Product: Portable OpenSSH Version: 6.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component:

https://bugzilla.mindrot.org/show_bug.cgi?id=2496 Bug ID: 2496 Summary: sshd hangs when using AuthorizedKeysCommand Product: Portable OpenSSH Version: 7.1p1 Hardware: amd64 OS: FreeBSD Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2355 Bug ID: 2355 Summary: general protection / segfaults when PermitOpen=none Product: Portable OpenSSH Version: 6.7p1 Hardware: amd64 OS: Linux Status: NEW Severity: major Priority: P5 Component: sshd Assignee: unassigned-bugs at

Am 25.02.2016 um 14:41 schrieb Renato Golin: > On 25 February 2016 at 12:46, Joachim Durchholz via llvm-dev >> What workflow are you comparing this to, if a pull request is a penalty? > > Today, 100s of people commit directly. Ah. I wasn't aware of that, I thought LLVM had a gatekeeper model. > In a GitHub style, 100s of > people will have to wait for a merge from a few

On 25 February 2016 at 15:01, Joachim Durchholz via llvm-dev <llvm-dev at lists.llvm.org> wrote: > Well, PRs are a good way to discuss proposed patches, so you can take the > discussion there. Particularly if the git hoster gives you all the web forum > thingies you want, including the ability to be helpful with Markdown. > Also, a PR is easy to integrate once it's done.

This is a good suggestion - and maybe I'm not totally clear on the restrictions... So - in these situations gitolite will actually append things to your authorized_keys file. Which can get very long. And after a while - it gets *very* long. I think I saw comments that it should be limited to about 20k or so. And around 20k the look up times are in the seconds. So that wouldn't be enough

I guess I didn't want to litter the users table either - it just seems "wrong" to be actually adding things to the host when it is really so transient. It feels like it should be LDAP-ish. Just ask the server for the keys and do a one-off authentication. But I've seen even LDAP creates the user directories. I see that 2.6 kernels can have some 4B users, which should last me a

Am 25.02.2016 um 12:33 schrieb Renato Golin via llvm-dev: > Kristof, Chandler, > > I think most of the responses seem favourable of the move, the > concerns being which Git repo we'll use (GitHub, GitLab, BitBucket), > but they're essentially identical on the git side. I'm repeating myself but not they are not identical on the git side. Not for people without push

Nico Kadel-Garcia <nkadel at gmail.com> writes: > I'm just trying to figure out under what normal circumstances a > connection with X11 forwarding enabled wouldn't be owned by a user who > already has normal system privileges for ssh, sftp, and scp access. Some OS distributions (FreeBSD, RHEL / CentOS, probably Fedora) have X11Forwarding enabled by default. DES --

I have a project using Git on machine A. I'm running a Centos server on machine B. I'd like to "publish" the project on machine B (mainly for my own use, so I can access it from various sites). I've asked about this on a Git mailing list, but haven't understood the replies. In particular, a couple of people suggested gitolite, but when I examined this I couldn't make

Hi, AFAICT, there is no .ssh/config option for disabling pseudo-tty allocation. It would be nice to have one. Context: we're using gitolite in our project, and it sets things up to run a command with "no-pty". Every once in a while, users will try to ssh to the machine to see that things are working, and when they see the "PTY allocation request failed on channel 0"