On Thu, Dec 18, 2014 at 10:19:19PM +0000, Dan Langille (dalangil) wrote: > This is what happens without a valid ticket: > > $ git clone https://us.example.com/git/clamav-bytecode-compiler > Cloning into 'clamav-bytecode-compiler'... > Username for 'https://us.example.com': dan > Password for 'https://dan@xxxxxxxxxxxxxx': > fatal: Authentication failed for 'https://us.example.com/git/clamav-bytecode-compiler/' So there are two ways to do this. One is allowing users to clone without any credentials, which I take it you are trying to avoid. If that *is* what you're going for, I can provide you with my Apache configuration, which does allow that. What I would recommend is going to https://us.example.com/git/clamav-bytecode-compiler/info/refs in a web browser without a ticket, and see if it prompts you for a username and password. When you get that working, it will probably also work for you with git. You can also run git with GIT_CURL_VERBOSE=1 and see the protocol exchange printed out, so you can see what's happening. You'll obviously want to see if the server offers Basic auth as well as Negotiate. You might also try specifying KrbMethodK5Passwd on explicitly. I don't happen to use that option (I use Kerberos to avoid passwords altogether) so that might work for you. I don't know what version of git you're using, but some older versions will still prompt for a password whenever authentication fails. Therefore, just because you're getting a password prompt doesn't mean that providing a password will necessarily work. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
Attachment:
signature.asc
Description: Digital signature