gitolite installation: I cannot clone gitolite-admin repo!

I'm trying to install gitolite on my ubuntu server machine.

still, there're lots of things I don't know yet, but I'm stepping forwarding very slowly following its instruction(http://sitaramc.github.com/gitolite/doc/1-INSTALL.html).

1. my account of the server is 'yoon' and gened key-pair using ssh-keygen command without passpharse(just hit enter). then, copy public key to /tmp dir and chmod it 777.
2. install gitolite using 'sudo apt-get install gitolite' and it also created gitolite account.(last line of output was No adminkey given - not initializing gitolite in /var/lib/gitolite.)
3. change user using 'sudo su gitolite' and exec 'gl-setup /tmp/id_rsa.pub'.
4. return to my account(yoon) and run 'git clone [email protected]:gitolite-admin' and then it asks [email protected]'s password.
5. If I hit enter because I didn't typed any passpharse when creating key pair, terminal said that Permission denied, please try again.

plz let me give any clue~ THANK YOU!

+ I'm using same maching as a server and a client.

+ full list of ssh -vvv command

yoon@ubuntu:~$ ssh -vvv [email protected]
OpenSSH_5.5p1 Debian-4ubuntu5, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to myserver.com [xxx.xxx.xxx.xxx] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /home/yoon/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/yoon/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/yoon/.ssh/id_rsa-cert type -1
debug1: identity file /home/yoon/.ssh/id_dsa type -1
debug1: identity file /home/yoon/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-4ubuntu5
debug1: match: OpenSSH_5.5p1 Debian-4ubuntu5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu5
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 126/256
debug2: bits set: 503/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: host myserver.com filename /home/yoon/.ssh/known_hosts
debug3: check_host_in_hostfile: host myserver.com filename /home/yoon/.ssh/known_hosts
debug3: check_host_in_hostfile: host myserver.com filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host myserver.com filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host xxx.xxx.xxx.xxx filename /home/yoon/.ssh/known_hosts
debug3: check_host_in_hostfile: host xxx.xxx.xxx.xxx filename /home/yoon/.ssh/known_hosts
debug3: check_host_in_hostfile: host xxx.xxx.xxx.xxx filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host xxx.xxx.xxx.xxx filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host myserver.com filename /home/yoon/.ssh/known_hosts
debug3: check_host_in_hostfile: host myserver.com filename /etc/ssh/ssh_known_hosts
debug2: no key of type 0 for host myserver.com
debug3: check_host_in_hostfile: host myserver.com filename /home/yoon/.ssh/known_hosts2
debug3: check_host_in_hostfile: host myserver.com filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: host myserver.com filename /home/yoon/.ssh/known_hosts
debug3: check_host_in_hostfile: host myserver.com filename /etc/ssh/ssh_known_hosts
debug2: no key of type 2 for host myserver.com
The authenticity of host 'myserver.com (xxx.xxx.xxx.xxx)' can't be established.
RSA key fingerprint is d4:5d:af:76:51:63:42:7d:ed:43:5f:bf:17:c6:c3:d4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'myserver.com,xxx.xxx.xxx.xxx' (RSA) to the list of known hosts.
debug2: bits set: 503/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/yoon/.ssh/id_rsa (0x7fc8e9b596b0)
debug2: key: /home/yoon/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/yoon/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/yoon/.ssh/id_dsa
debug3: no such identity: /home/yoon/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
[email protected]'s password:
debug3: packet_send2: adding 64 (len 53 padlen 11 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
[email protected]'s password:
debug3: packet_send2: adding 64 (len 53 padlen 11 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
[email protected]'s password:
debug3: packet_send2: adding 64 (len 53 padlen 11 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,password).

1. [command="/usr/share/gitolite/gl-auth-command id_rsa",no-port-forwarding,no-X11-forwarding,no-agent-forwar‌​ding,no-pty ssh-rsa blahblah... myaccount@myserver] exists in ~gitolite/.ssh.authorized_keys file 2. I have id_rsa and id_rsa.pub in .ssh directory of my client.

@Hongseok: what does ssh -vvv [email protected] returns (in full) ? That should list what ssh does to try and identify you.

I've just posted the result editing my Q, really appreciate it!

@Hongseok: mmm... maybe bbs.archlinux.org/viewtopic.php?id=55471 can help. Try recreating your keys (public and private, and republishing your private key through gl-setup). If it still doesn't work, the thread I mention talks about sshd_config file, which could also explain your error message.

@Hongseok: for instance, the thread above mentions: " For me at least, this error was caused by my /etc/hosts.allow and /etc/hosts/deny not allowing sshd access to sshd. Obviously I just put "sshd : ALL" in /etc/hosts.allow and it started working."

@Hongseok: make sure you generate rsa keys (unix.com/red-hat/…). Regarding my previous comment about host.allow: bbs.archlinux.org/viewtopic.php?pid=422485 (another illustration)

@Hongseok: sorry to read that. The basic ssh command is the first step to solve in order to have a successful gitolite installation and integration. I hope you will find the solution.

I'm getting some clue...ubuntu package installation create user gitolite and clone command asks password for gitolite not a passpharse. if I prepare repo using another account, it works okay. then, what the password for gitolite? I've even changed its password, but still...Permission denied message is begin vommitting. :(

plus..., if it requires password for gitolite account, do admin have to share it to all other user? not only public key?

@Hongseok: no it shouldn't require a password, and it shouldn't be "shared" ever. One explanation could be if you did enter a passphrase when generating the public/private key of gitolite account.

This solution worked for me since I had permitrootlogin no on my server. for those who want to try this solution but don't know what to do "sudo nano /etc/ssh/sshd_config" then add to the bottom "AllowUsers gitolite" without the quotes

Now that it's working, are your .ssh/authorized_keys file and with the gitolite information and .gitosis-admin directories in /home/gitosis or in /root? I'm running into the same problem you were but the fix isn't working, and those were put in root for me and it seems like they should have been in gitosis.

On my machine (synology) I changed /etc/passwd's shell-entry of user git to /bin/sh instead of /sbin/nologin.