[solved] Moved Gitea to new Docker host, SSH no longer works

I was running Gitea on a NUC via docker for a long time, then just this past week the hard drive started making horrible noises. So I shut down the containers, backed up the volumes and configuration files, and moved them to a new Docker NUC I had been prepping but hadn’t implemented yet. I’ve got almost everything back online, but I’ve found I cannot SSH into Gitea to git pull or git clone via SSH. Git clone via HTTPS is working.

I’ve removed and re-applied my SSH public key via my profile settings a couple times, and tried to update the authorized users file via the admin settings. But I still cannot connect. I have tried doing direct Putty SSH connections and git SSH connections, both a no go. The Docker logs don’t seem to show anything specific. I also tried changing my SSH port for Gitea from 22 to 2221 to make sure I wasn’t having some sort of overlap (even though I was using port mapping 2221:22 previously).

Here’s the related docker-compose section:

# git server
  gitea:
    image: "gitea/gitea:latest"
    container_name: "gitea"
    environment:
     - USER_UID=1000
     - USER_GID=1000
     - DOMAIN=git.rowland.pw
     - SSH_DOMAIN=git.rowland.pw
     - SSH_PORT=2221
     - SSH_LISTEN_PORT=2221
     - ROOT_URL=git.rowland.pw
    ports:
     - "2221:2221"
    volumes:
     - /srv/gitea/data:/data
     - /etc/timezone:/etc/timezone:ro
     - /etc/localtime:/etc/localtime:ro
    restart: always

Any ideas on where to go next?

Hmm… good question. I just checked my compose file and I did my mapping via “22:4444” and that works like a charm. Have you tried accessing the port from your NUC? Did you try to telnet the port? telnet yourserver 2221 or maybe with a port-scanner?

Either networking is screwed up, or gitea does not initialize properly. In the first case, tcpdump is your friend, and in the second, I’d try strace. You will probably need to modify the gitea container, though.

What happens when you try to git clone via SSH, as in what are the specific errors you are receiving?

Sorry it’s taken so long to respond, got busy with work. But I finally dug into it today and I have it working now.

I removed the SSH_PORT and SSH_LISTEN_PORT variables from my docker-compose, and changed the docker port map to 2221:22. It still wouldn’t connect. So I made another new SSH key and uploaded it back to Gitea. It still wouldn’t connect from SSH. So I entered docker exec and checked the sshd_config file. Git is the only allowed user. Ok, now I knew that for sure. I was trying git and my username. Eventually I checked docker logs and saw an error about “bad ownership or modes on /data/git/.ssh”. The ownership looked good, all owned by git user. But the .ssh directory was chmod 777, so I changed it to 700 and I could login again.

Thanks for your help in jogging my brain for this.
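
Added example, not part of any post in this thread: a small shell check for the condition behind the “bad ownership or modes” log line, useful after restoring a volume backup that may have flattened permissions. It assumes `stat -c` is available (GNU coreutils or BusyBox) and covers only the `.ssh` directory and its `authorized_keys` file; the function name `check_ssh_modes` is made up for this sketch.

```shell
#!/bin/sh
# Report paths that sshd's StrictModes check would refuse.
# Usage: check_ssh_modes /data/git/.ssh [expected-uid]
check_ssh_modes() (
    dir=$1
    want_uid=${2:-$(id -u)}   # assumption: run as the key owner, or pass its uid
    rc=0
    [ -d "$dir" ] || { echo "missing directory: $dir" >&2; exit 2; }
    for p in "$dir" "$dir/authorized_keys"; do
        [ -e "$p" ] || continue
        mode=$(stat -c '%a' "$p")   # octal permission bits, e.g. 700
        uid=$(stat -c '%u' "$p")    # numeric owner
        # Owner must be the account itself or root.
        if [ "$uid" != "$want_uid" ] && [ "$uid" != 0 ]; then
            echo "BAD owner uid=$uid on $p (expected $want_uid or 0)"
            rc=1
        fi
        # Any group- or world-write bit (mask 022) fails the check.
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "BAD mode $mode on $p (group/other writable)"
            rc=1
        fi
    done
    exit "$rc"
)

# Constructed demo: recreate the 777 state from the thread in a temp dir.
demo=$(mktemp -d)
mkdir "$demo/.ssh" && chmod 777 "$demo/.ssh"
check_ssh_modes "$demo/.ssh" || echo "-> would be fixed by: chmod 700 $demo/.ssh"
chmod 700 "$demo/.ssh"
check_ssh_modes "$demo/.ssh" && echo "OK after chmod 700"
rm -rf "$demo"
```

Inside the container this would be run as `check_ssh_modes /data/git/.ssh 1000`, where 1000 is the `USER_UID` from the compose file above.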