Wrong readme instruction lead to unusable ssh

[narduin]

Describe the bug

After a clean install following the official Readme here, it was impossible to use ssh to pull/push. It kept asking for gitea's password. After reinstalling, trying the testing branch and several hours of tests, I found a comment on the gitlab repo that it could be coming from

UsePAM no

So I changed it to yes and now I can ssh with gitea. I don't know if it's coming from my install or if it's an error in the Readme.

Context

• Hardware: VPS bought online
• YunoHost version: 4.3.6.2
• I have access to my server: Through SSH | through the webadmin
• Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: no
• Using, or trying to install package version/branch: master/testing

Steps to reproduce

• Install master or testing (web interface or command line)
• Add gitea user to ssh.app group
• Edit sshd_config to match the one described in the Readme
• Add an SSH key to your profile in gitea app
• Try to push a repo

Expected behavior

Should be able to push without being asked for a password using SSH.

[Zykino]

Thanks, as admin sudo usermod -a -G ssh.app gitea was necessary. Nothing was needed to change in the /etc/ssh/sshd_config file in the end.

[olberger]

Also, on a related issue, we noticed a strange permissions issue. sshd would refuse connections with:

Authentication refused: bad ownership or modes for directory /home/gitea/.ssh

After a check, it becomes obvious why:

# ls -ld /home/gitea/.ssh
drwxrwxrwx 2 gitea gitea 4096 Jul  5 14:30 /home/gitea/.ssh

I guess something's broken either in some Debian or YNH installation scripts...

Fixing perms solved the issue.

Hth,

P.S.: I didn't open a specific issue, as I guess it's quite related in case of SSHing for git.

[stilobique]

Hey, I look to make update the readme file, some old instruction needs to be removed, and write inside the Yunohost documentation.