4.8 KiB
4.8 KiB
Forgejo SSH Troubleshooting Guide
Overview
This guide covers common issues and solutions when setting up SSH access to Forgejo, particularly in a Docker-based deployment.
Environment Setup
Server Side
- Forgejo running in Docker container
- SSH port mapped from container port 22 to host port 222
- Direct SSH access (not through proxy)
- Git clone URL format:
ssh://git@your-domain:222/username/repo.git
Client Side
- Windows 11 Pro
- OpenSSH client
- PowerShell 7+
- Git for Windows
Common Issues and Solutions
1. SSH Key Authentication
Symptoms
- "Permission denied (publickey)" errors
- Repeated passphrase prompts
- Failed Git operations
Solutions
-
Verify SSH Key Setup
# Check if key exists ls ~/.ssh/id_ed25519 # Generate new key if needed ssh-keygen -t ed25519 -C "your@email.com" -
Add Key to Forgejo
- Copy public key content
- Add to Forgejo web interface (Settings > SSH Keys)
- Verify key using challenge token
-
Configure SSH Agent
# Start SSH agent Start-Service ssh-agent # Set to start automatically Set-Service -Name ssh-agent -StartupType Automatic # Add key to agent ssh-add ~/.ssh/id_ed25519 # Verify key is loaded ssh-add -l
2. SSH Connection Issues
Symptoms
- Connection timeouts
- Port access denied
- Authentication failures
Solutions
-
Verify Port Access
# Test port connection Test-NetConnection -ComputerName your-domain -Port 222 -
Check SSH Config
# View SSH config cat ~/.ssh/config # Example config Host your-domain HostName your-domain Port 222 User your-username IdentityFile ~/.ssh/id_ed25519 PreferredAuthentications publickey -
Test SSH Connection
# Basic test ssh -T git@your-domain -p 222 # Verbose test ssh -vvv -T git@your-domain -p 222
3. Git Configuration
Symptoms
- Git operations fail
- Wrong SSH implementation used
- Authentication issues
Solutions
-
Configure Git SSH Command
# Check current setting git config --get core.sshCommand # Set to Windows SSH git config --global core.sshCommand "C:/Windows/System32/OpenSSH/ssh.exe" -
Verify Repository URL
# Check remote URL git remote -v # Update if needed git remote set-url origin ssh://git@your-domain:222/username/repo.git
4. Docker-Specific Issues
Symptoms
- Container SSH service not responding
- Port mapping issues
- Container configuration problems
Solutions
-
Check Container Status
# Verify container is running docker ps | grep forgejo # Check container logs docker compose logs | grep ssh -
Verify Port Mapping
# Check port mappings docker port forgejo -
Check SSH Service
# Verify SSH service is running docker exec forgejo ps aux | grep sshd
Best Practices
SSH Key Management
- Use ED25519 keys for better security
- Always use a passphrase
- Add keys to SSH agent for persistence
- Regularly rotate keys
Git Configuration
- Use consistent SSH implementation
- Configure Git to use system SSH
- Use correct repository URL format
- Keep Git and SSH clients updated
Docker Setup
- Use proper port mappings
- Configure container for SSH access
- Monitor container logs
- Regular container updates
Troubleshooting Steps
1. Basic Checks
- Verify SSH key exists and is loaded
- Check SSH agent is running
- Confirm port 222 is accessible
- Verify Git configuration
2. Connection Testing
- Test basic SSH connection
- Check verbose SSH output
- Verify port connectivity
- Test Git operations
3. Server Verification
- Check container status
- Verify SSH service
- Check container logs
- Verify port mappings
4. Client Configuration
- Verify SSH config
- Check Git settings
- Test SSH agent
- Verify key permissions
Common Error Messages
"Permission denied (publickey)"
- Key not added to Forgejo
- Wrong key being used
- SSH agent not running
- Key not loaded in agent
"Connection refused"
- Port 222 not accessible
- Container not running
- Firewall blocking access
- Wrong port mapping
"Host key verification failed"
- Known hosts file issue
- Server key changed
- Wrong host configuration
Prevention Tips
- Document all configurations
- Use consistent naming
- Regular security updates
- Monitor system logs
- Backup SSH keys
- Test after changes