Using SSH to git clone for forgejo?

General Discussion
1

For security reasons, I have successfully made forgejo go into HTTPS mode by modifying app.ini file. I provided my own .crt and .key files , and I could access forgejo in https on my browser.

But then when I git clone my repository by using SSH, I see that it asked for forgejo user’s password. So I set one with passwd forgejo and then I retried git clone again. The result is it complained that the git repository doesn’t exist:

$ git clone ssh://forgejo@192.168.1.2/admin_user/My_Repo.git
Cloning into 'My_Repo'...
forgejo@192.168.1.2's password:
fatal: '/admin_user/My_Repo.git' does not appear to be a git repository
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Before this, I have tried git clone http normally before I changed it to https, and git clone http worked fine. But now, I want to use SSH.

How to use SSH in this case? Any missing steps here?

2

SSH is a different protocol than HTTPS. They have nothing to do with each other. I guess you need to use HTTPS to clone your repository

3

Before this, I have tried git clone via https but it got SEC_E_UNTRUSTED_ROOT . The certificate chain was issued by an authority that is not trusted as this is a self-signed certificate. That’s why I tried SSH so I do not have to do any certificate management.

But I went back to git clone via HTTPS now. I just use the option git config --local http.sslVerify false to bypass the TLS certificate verification and things seem ok now. For personal, this is ok, but for business, this should not be done.

1 Like
4

Which is to be expected since you are using a self-signed certificate

As soon as the system is accessible via the internet, I strongly recommend a proper certificate. Even if it is only for private use

1 Like
5

Hello @iono ,

Configuring the SSH access has been a pain in the ass for me too.

I have spent countless hours to fix this on my Rasp/Diet pi.

I had given up a first time, then I wanted to give it another try. And after a couple of hours for nothing, I finally made it! It now works!

What I have done is asking a chatbot, and it gave me this hint: Dropbear was maybe not the right candidate for the SSH Server functionality.

So if you have it installed, try to install OpenSSH Server instead. For me it worked.

The reason is: Dropbear may not handle some of the SSH scripts parameters used by Forgejo.

Good luck!

Valentin