GIT project clone "Authentication failed"

Hi friends,

I've been trying to figure this out for days.

Problem:

  • I have a node-red v3.1.0 and gitea v1.21.0 running in a Kubernetes cluster.
  • I'm adding public/private keys to node-red via a secret and gitea user has the same public key verified.
  • Key doesn't have a passphrase.
  • Attempting to clone the repo project from node-red fails with "Authentication failed".

Validation:

  1. I have logged into the node-red pod and able to SSH into the Gitea SSH using the key from the /data/projects/.sshkeys folder:

    node-red-5767bcd6d4-mn6qs:/data/1$ ssh -i /data/projects/.sshkeys/__default_gitea git@[redacted]
    PTY allocation request failed on channel 0
    Hi there, node-red! You've successfully authenticated with the key named [redacted], but Gitea does not provide shell access.
    If this is unexpected, please log in with password and setup Gitea under another user.
    Connection to [redacted] closed.
    
  2. I have logged into the node-red pod and can clone the target repo using the key from the /data/projects/.sshkeys folder:

    $ GIT_SSH_COMMAND="ssh -i /data/projects/.sshkeys/__default_gitea" git clone git@[redacted]:smart-home/node-red.git
    Cloning into 'node-red'...
    remote: Enumerating objects: 578, done.
    remote: Counting objects: 100% (578/578), done.
    remote: Compressing objects: 100% (245/245), done.
    remote: Total 578 (delta 371), reused 509 (delta 330), pack-reused 0
    Receiving objects: 100% (578/578), 110.47 KiB | 9.21 MiB/s, done.
    Resolving deltas: 100% (371/371), done.
    
  3. Using the same key from the UI doesn't work, there are no logs produced by node-red in this case.

Does anyone know what am I doing wrong here?

Have you tried that id? It isn't the one in the image you shared.

Thank you for response! When I created an SSH key manually from node-red with the gitea name, the file that it generated was /data/projects/.sshkeys/__default_gitea. So I think that's the node-red naming convention and in the UI it is displayed without the __default_ prefix. To summarize, the key in the screenshot is the __default_gitea file.

I've found a workaround of sorts. From the pod shell:

cd /data/projects
GIT_SSH_COMMAND="ssh -i /data/projects/.sshkeys/__default_gitea" git clone git@.../node-red.git
chown -R /data/projects/node-red node-red

After that, it's possible to then open exiting project via node-red UI and it appears that pull/push just works.

The conclusion here IMO is that the git clone in the initial project setup isn't working in my case for some reason.