I want to use SSH on my GitLab server. However, I even cannot see the "Clone with SSH" option.
Any idea why it is happening? Or why SSH is inactive on my Gitlab server?
The access protocol to GitLab can be set using HTTPS or SSH. This feature should be activated by Admin. Please see this:
https://docs.gitlab.com/ee/user/admin_area/settings/visibility_and_access_controls.html#enabled-git-access-protocols
Related
I just created a VM but SSH option is disable i can't SSH.
Please Help how to enable SSH.
There could be a few issues that can cause this.
Is the instance running?
Did you try to ssh to the instance via Cloud Shell? I can see that you only have an internal IP address, so you can use this command:
gcloud compute ssh internal-instance-name --internal-ip
Do you have one of the following roles assigned? Owner, Editor, Compute Admin, Compute Instance Admin?
Is port 22 enabled under your firewall?
Also GCP has a really good ssh troubleshooting guide that can help you.
I have a microservice, let's call it RdsConnector, I want to test locally that is normally deployed on a machine on AWS. It connects to a MySQL instance, which is also in AWS, without any SSH tunnelling as they are in the same VPC. To connect to that MySQL instance from my local machine, I can use SSH tunnelling to get into the VPC I have set up in AWS. This is what that configuration looks like:
I could set up my microservice to also connect through SSH (optionally, perhaps), but I don't want to do that. Then I would have a different configuration running it locally vs in the cloud. What I want to do instead is set up some kind of proxy server on my local machine that will take the SSH credentials and do that SSH tunnelling, exposing the VPC MySQL endpoint locally. Then RdsConnector will just use that local endpoint, and I won't have to have a different config for RdsConnector just for local testing.
I'm not very familiar with the networking technologies in use here. I just know that there's no public IPs for my VPC, so I have to SSH in. I imagine that what I want is possible, but I have no idea what the moving parts would be.
Ok this turned out to be quite simple actually! The ssh program can do this for you, this is how I configure it with Mac OS ssh:
ssh -N -i "/Users/foo/aws_ssh_key.pem" \
-L "localhost:5990:stack-name-vpc-db.asdfqwerty.us-east-1.rds.amazonaws.com:3306" \
foo#12.34.567.890
With the -L flag, it'll proxy stuff over the SSH connection for you from the given endpoint to the provided endpoint on the other side. That -N flag is optional, it just turns off the regular SSH console since we only want to run a proxy server. The microservice can treat localhost:5990 as if it were the regular MySQL endpoint.
I tried reading Artifactory user guide but the instructions on SSH authentication were not clear. Can someone explain how to do SSH authentication in Artifactory?
Actually, enabling SSH on Artifactory is fairly straight forward, the client is what may require some additional debugging if it is unable to connect for any reason. The steps for enabling SSH on Artifactory are available in the online documentation for SSH Integration. You simply need to create a key pair on any machine with ssh-keygen installed (most linux distros will have this by default), then click on Admin, select Security -> SSH Server, click Enable SSH and add in the private and public key just created. Select a port and set the custom base url if necessary and Save.
Now, the user in Artifactory that wishes to authenticate with SSH needs to add his public key to his profile. This can be done by simply logging in and clicking your username in the top right corner of Artifactory. Under this section, you will need to add your password again and then you can simply paste the public key in the SSH section, you can read about this process in Updating Your Profile.
That's it, Artifactory is now ready for SSH for that particular user, and any other user can add their public key to their profile to use SSH authentication.
Configuring the client depends on which client you are attempting to setup. The most common use case is GitLFS, so I will share some documentation for setting up Git LFS with SSH to Artifactory.
Most of what you need to setup Git LFS can be found in JFrog's Git LFS Repository Authenticating with SSH documentation, or in JFrog's public solution on Git LFS Authentication. The latter contains an example of what the git config file should look like and also contains relevant information on setting up SSH authentication with an nginx reverse proxy (if you have one configured and running).
If this doesn't answer your question, can you please provide some more details on which client you are using to authenticate and specifically what is not working (any relevant error messages or log output), both Artifactory and client-side.
I'm playing with Google Compute Engine(GCE) as I'm planning to migrate the cloud service provider from Rackspace(reason: GCE has good upgrade plans with best discount price).
I have few issues with GCE and one of them is Ubuntu os/image not supported by default. But there is an alternate method to run any linux distro in GCE, which is called Building an image from scratch for uploading custom images and creating instances(servers) from uploaded image.
I could able to create and run the instances from the Ubuntu image I uploaded to GCE following the link hagikuratakeshi.hatenablog.com. This is simply running ubuntu in general. I didn't face any problem but google's gcutil tool prompts for ssh passphrase and adds the key in GCE meta data but accepts only password logins(then why it prompts for passphrase).
I want to strictly follow Building an image from scratch as recommended by google. But after following all the steps, I could not able to login to my server instance via SSH. I guess this happens when I install Google Compute Engine image packages: google-startup-scripts_1.1.2-1_all.deb, google-compute-daemon_1.1.2-1_all.deb & python-gcimagebundle_1.1.2-1_all.deb. These packages/scripts make some changes to the instance at the startup and also to SSH configuration which are Strongly recommended. Once I strictly follow the link or once I install these packages I could not able to establish SSH connection once the instance is rebooted. The error message similar to the one below is shown while trying to connect:
test#machine1:~$ gcutil --service_version="v1" --project="mypro-555" ssh --zone="asia-east1-a" "server-instance-1"
INFO: Running command line: ssh o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no -i /home/test/.ssh/google_compute_engine -A -p 22 test#101.167.xxx.xxx -
ssh: connect to host 101.167.xxx.xxx port 22: Connection refused
NOTE: The user account test is available and common on both local and GCE server!.
My main problem is SSH connection when I strictly follow the steps. If I upload the fresh image and then follow the recommended steps connecting SSH, I could not do SSH again once I restart the instance (or) if I setup everything in the uploaded image before uploading, the created instance will be running but I could not able to connect atleast ones and the error is same.
Anybody using GCE with your custom image?, are you allowed to connected even after following the recommended settings?. Anyone already fixed this SSH issue?. Please post your comments!
EDIT 1
I could not figure out from the logs and here is the output of gcutil getserialportoutput server-instance-1.
The key here is that your ssh client says "connection refused". This indicates that there is indeed a machine at that IP address, but it's not accepting SSH connections. There are a few possible explanations:
The ssh daemon isn't running, or is listening on the wrong interface
Your instance is configured with a firewall that's denying SSH traffic
The GCE firewall rule to allow SSH traffic has been removed
is it possible to use the LDAP / Active Directory with OpenSSH ?
That is avoiding using the commands "mkgroup -d..." and "mkpasswd -d ..." of OpenSSH. These commands are used to define an user list allowed to access to the "ssh server" machine... and I would like to avoid having a fixed list not to have to relaunch the commands several times.
I use OpenSSH as a SSH server and putty as a client.
Thanks for your help
I can not determine which OS you OpenSSH is running on?
Assuming it it Linux/UNIX, AFAIK, you would want to setup using PAM (Pluggable Authentication Module).
Google for PAM LDAP Linux
One link is:
http://wiki.linuxquestions.org/wiki/Pam_ldap