SSH container passthrough hangs

I have been following the Install guide to set up gitea with docker and ssh passthrough. However, when I attempt to clone a repository, the clone process starts, but hangs indefinitely:

git clone git@gitea.internal:TestUser/TestRepo.git
Cloning into 'TestRepo'...

The directory TestRepo is created but only the .git directory and some files inside it are created, but nothing else in TestRepo directory.

I checked the docker-compose logs output on the gitea host and this line appears:

gitea     | Accepted publickey for git from 172.28.0.1 port 42784 ssh2: RSA <SSH public key>

The /home/git/gitea/data/gitea/log directory is empty.

When I ctrl-c to stop the clone process, the following is output from the client:

fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.

and for docker-compose logs:

gitea     | Received disconnect from 172.28.0.1 port 48356:11: disconnected by user
gitea     | Disconnected from user git 172.28.0.1 port 48356

I have checked permissions for the .ssh and gitea directories:

drwx------ 2 git  git  4096 Sep 18 12:31 .ssh
drwxrwxr-x 4 git  git  4096 Sep 18 12:35 gitea

Also, before following the steps to add ssh container passthrough, I tested ssh on a non-standard port (i.e. git clone git@gitea.internal:2222:TestUser/TestRepo.git) and was able to clone the repo without issue.

I’ve tried recreating the host ssh key and used different machines and get the same result. Any advice on how to resolve this would be much appreciated!

For reference, this is my docker compose yaml:

version: "3"

networks:
  gitea:
    external: false

services:
  server:
    image: gitea/gitea:1
    container_name: gitea
    environment:
      # The UID and GID match the git user on my system
      - USER_UID=127
      - USER_GID=137
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=<password>
    restart: always
    networks:
      - gitea
    volumes:
      - /home/git/gitea/data:/data
      - /home/git/.ssh/:/data/git/.ssh
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "127.0.0.1:2222:22"
    depends_on:
      - db

  db:
    image: postgres:13
    restart: always
    environment:
      - POSTGRES_USER=gitea
      - POSTGRES_PASSWORD=<password>
      - POSTGRES_DB=gitea
    networks:
      - gitea
    volumes:
      - /home/git/gitea/postgres:/var/lib/postgresql/data

and my system is Ubuntu 20.04 64-bit.

After some time I finally figured out the issue. When creating the /app/gitea/gitea script the quotation marks I used were not correct. I had done:

echo "ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"" | sudo tee /app/gitea/gitea

Instead of

echo 'ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"' | sudo tee /app/gitea/gitea

This meant the script contained:

ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 SSH_ORIGINAL_COMMAND="" /usr/bin/bash

instead of

ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"

After correcting this I am now able to git clone without issue.

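The quoting difference described in the post, reproduced as an added example that is not part of the original post. It writes both variants to a temporary directory rather than /app/gitea/gitea, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: reproduce the double-quote vs single-quote wrapper in a
# scratch directory and check which one still defers expansion to login time.

# Outer double quotes: the shell running echo expands $SSH_ORIGINAL_COMMAND,
# $0 and $@ immediately. The subshell unsets the variable to mimic an
# interactive admin shell, where it is not set.
write_double_quoted() (
    unset SSH_ORIGINAL_COMMAND
    echo "ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@""
)

# Outer single quotes: the text is written verbatim, so the variables are
# expanded later, each time the wrapper runs for an incoming SSH session.
write_single_quoted() {
    echo 'ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"'
}

# Returns 0 only if the file still holds the unexpanded variable references
# that the forwarding shell must expand on every SSH login.
wrapper_is_literal() {
    for token in '$SSH_ORIGINAL_COMMAND' '$0' '$@'; do
        grep -qF -- "$token" "$1" || return 1
    done
}

# Constructed demo: write both variants, report the check result, show content.
demo() {
    dir=$(mktemp -d)
    write_double_quoted > "$dir/bad"
    write_single_quoted > "$dir/good"
    for f in bad good; do
        if wrapper_is_literal "$dir/$f"; then
            echo "$f: variables preserved"
        else
            echo "$f: variables were expanded when the file was written"
        fi
        cat "$dir/$f"
    done
    rm -rf "$dir"
}
demo
```

Running wrapper_is_literal against the real wrapper file after creating it catches the mistake before the first clone attempt hangs.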