[gentoo-user] git wants a password to portage sync

[gentoo-user] git wants a password to portage sync

[Bill Kenworthy]

I use a central machine that all other gentoo machines pull portage
updates from using emerge set up for git.

Some 10+ physical and virtual machines work fine.

A newly installed machine wants a git password to do the git pull where
as no other machine does.  Tried setting up keys for it on the remote
machine (user portage which is who git pulls come from) and ssh login
works fine, git demands a password.

Any hints because its got me beat!

BillK

[gentoo-user] Re: git wants a password to portage sync

[Nikos Chantziaras]

On 05/12/17 12:40, Bill Kenworthy wrote:
> I use a central machine that all other gentoo machines pull portage
> updates from using emerge set up for git.
> 
> Some 10+ physical and virtual machines work fine.
> 
> A newly installed machine wants a git password to do the git pull where
> as no other machine does.  Tried setting up keys for it on the remote
> machine (user portage which is who git pulls come from) and ssh login
> works fine, git demands a password.
> 
> Any hints because its got me beat!

I suspect the keys on the other machines are not password protected, but 
the key on that machine is and Git asks you for it.

Re: [gentoo-user] Re: git wants a password to portage sync

[Bill Kenworthy]

On 05/12/17 21:15, Nikos Chantziaras wrote:
> On 05/12/17 12:40, Bill Kenworthy wrote:
>> I use a central machine that all other gentoo machines pull portage
>> updates from using emerge set up for git.
>>
>> Some 10+ physical and virtual machines work fine.
>>
>> A newly installed machine wants a git password to do the git pull where
>> as no other machine does.  Tried setting up keys for it on the remote
>> machine (user portage which is who git pulls come from) and ssh login
>> works fine, git demands a password.
>>
>> Any hints because its got me beat!
> 
> I suspect the keys on the other machines are not password protected, but
> the key on that machine is and Git asks you for it.
> 
> 

No, all machines are set up as keyless ssh - git has never needed it
there.  In frustration I created keys and set portage up as a keyless
ssh account as well, no change.

[gentoo-user] Re: git wants a password to portage sync

[Ian Zimmerman]

On 2017-12-06 05:53, Bill Kenworthy wrote:

> No, all machines are set up as keyless ssh - git has never needed it
> there.  In frustration I created keys and set portage up as a keyless
> ssh account as well, no change.

ssh messages are sometimes misleading.  For instance, ssh would say
something like "pubkey authentication failed" when in fact I prohibited
root logins on the server.

I'd try connecting with bare ssh as the user in question, with maximum
verbosity turned on (-vvv).

-- 
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet, fetch the TXT record for the domain.

Re: [gentoo-user] Re: git wants a password to portage sync

[Alan McKinnon]

On 06/12/2017 00:35, Ian Zimmerman wrote:
> On 2017-12-06 05:53, Bill Kenworthy wrote:
> 
>> No, all machines are set up as keyless ssh - git has never needed it
>> there.  In frustration I created keys and set portage up as a keyless
>> ssh account as well, no change.
> 
> ssh messages are sometimes misleading.  For instance, ssh would say
> something like "pubkey authentication failed" when in fact I prohibited
> root logins on the server.
> 
> I'd try connecting with bare ssh as the user in question, with maximum
> verbosity turned on (-vvv).
> 


The error messages from the ssh client are, by design, intentionally
vague. They amount to a teeny bit more detail than just "something went
wrong", plus the available auth methods listed in parenthesis.

This is because the sshd server avoids information leakage that
attackers could use.

To find out why ssh does not work, start by looking at the server logs,
then examine the client is nothing obvious stands out.

-- 
Alan McKinnon
alan.mckinnon@gmail.com

Re: [gentoo-user] Re: git wants a password to portage sync

[Bill Kenworthy]

On 06/12/17 06:43, Alan McKinnon wrote:
> On 06/12/2017 00:35, Ian Zimmerman wrote:
>> On 2017-12-06 05:53, Bill Kenworthy wrote:
>>
>>> No, all machines are set up as keyless ssh - git has never needed it
>>> there.  In frustration I created keys and set portage up as a keyless
>>> ssh account as well, no change.
>>
>> ssh messages are sometimes misleading.  For instance, ssh would say
>> something like "pubkey authentication failed" when in fact I prohibited
>> root logins on the server.
>>
>> I'd try connecting with bare ssh as the user in question, with maximum
>> verbosity turned on (-vvv).
>>
> 
> 
> The error messages from the ssh client are, by design, intentionally
> vague. They amount to a teeny bit more detail than just "something went
> wrong", plus the available auth methods listed in parenthesis.
> 
> This is because the sshd server avoids information leakage that
> attackers could use.
> 
> To find out why ssh does not work, start by looking at the server logs,
> then examine the client is nothing obvious stands out.
> 

Got it! Needed ssh keys for portage@remote from root@local.  Its working
but no idea why its only this machine that required it.

Thanks,
BillK