git clone from Linux to TFS git repo

2019-02-19 22:50发布

问题:

I've been trying to solve an issue with Git repo that is hosted on an on-prem TFS2017, cannot do a "git clone" command from a linux machine which is not in the domain, keep getting "fatal: Authentication failed for".

The user i am using is a local user on the Linux machine (same name as domain user, same password) the user is granted user in the Git repo While working same drill from a domain joined Windows machine, everything works fine (i use Git Bash).

Ive created ssh key on the Linux and updated it in the TFS user profile as public, didnt help.

Here is a TFS activity log:

In the picture we can see the TOP request has no Authentication, no identity and Application (when trying to access from Linux), yet on the bottom, same access from Git Bash (Win machine), Authentication type is "Negotiate", there is Identity name and the Application.

TY guys.

回答1:

First, please double confirm you have followed this tutorial-- Use SSH key authentication to connect to your Git repos. Avoid adding whitespace or new lines into the Key Data field-they can cause VSTS to use an invalid public key.

Besides, you could also try to configure Basic Authentication on your TFS Application Tier server or use Git Credential Managers to authenticate from Linux. This will narrow down if the issue is related your ssh authentication type or environment on your Linux machine.

Try to disable the firewall on the Linux build agent during the git clone command test.



回答2:

Ive managed to overcome the issue, one of the steps was to configure the SSH authentication..
1. On the Linux Machine, ive added the TFS server to HOSTS file and installed Git client.
Then ive followed this guide guide for ContOS >> AD authentication, i followed up to step 4.
2. On the Linux machine generate Public Key using "ssh-keygen", and use this key as
3. On the TFS web page, at the user icon, we have security tab, went to SSH public keys and added the generated key from Linux (must be from public key, not private).
4. Eventually from the Linux i type in the full repo address, for example git clone ssh://tfs.domain.com:22/Defaultcollection/_projectname/git

It will prompt you to authorize the RSA connection, and that's it.
Hope that helps.