Need an LDAP account that can push to


Repository Account Requests
6 years ago
6 years ago


(Reporter: mossop, Assigned: fox2mike)




(1 attachment)



6 years ago
We're working on mirroring the add-on SDK repo in github to mercurial and we have an automated tools set up that will push changes from github into the mercurial repositories at, and

For testing we've just been using a user's ldap account but now we'd like to get a custom ldap account set up for this. It's private key would live on a machine hosted by IT (see bug 753527). We only care about writing to those three repositories.

How do we go about getting this created?
Dave: We have done this before for releng but I cannot find the bug currently. In the meantime perhaps Reed can chime in with some suggestions.
Bug 658673 has a similar request from the releng side - so I think we pretty much would have to mirror what they have done in that bug. So we would need a user name, which repos to access, SSH key, etc.

Comment 3

6 years ago
Created attachment 652486 [details]
Public key

So the username I guess "addonsdk", the repos to access:


Attached is a new public key.
Over to server-ops to create this account. I assume server-ops can give Dave the LDAP password once these have been created for user addonsdk.
Assignee: mozillamarcia.knous → server-ops
The LDAP password shouldn't be needed if they're just going to use SSH auth to push.
Assignee: server-ops → mburns
User has been created. Let me know if access doesn't work.

Comment 7

6 years ago
Getting access denied running "ssh -v whoami":

OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /c/Users/Dave Townsend/.ssh/config
debug1: Applying options for
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to [] port 22.
debug1: Connection established.
debug1: identity file /c/Users/Dave Townsend/.ssh/identity type -1
debug1: identity file /c/Users/Dave Townsend/.ssh/id_rsa type -1
debug1: identity file /c/Users/Dave Townsend/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.4
debug1: match: OpenSSH_5.4 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '' is known and matches the RSA host key.
debug1: Found key in /c/Users/Dave Townsend/.ssh/known_hosts:10
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /c/Users/Dave Townsend/.ssh/id_dsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /c/Users/Dave Townsend/.ssh/identity
debug1: Trying private key: /c/Users/Dave Townsend/.ssh/id_rsa
debug1: Trying private key: /c/Users/Dave Townsend/.ssh/id_dsa
debug1: read PEM private key done: type DSA
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).

Comment 8

6 years ago
Sorry Dave.

I've reset :addonsdk's permissions. Within about 20 minutes, if this doesn't start working for you, please let me know.

Comment 10

6 years ago
(In reply to Michael Burns [:mburns] from comment #9)
> Sorry Dave.
> I've reset :addonsdk's permissions. Within about 20 minutes, if this doesn't
> start working for you, please let me know.

Still getting the same result

Comment 11

6 years ago
Bumping the priority here as we've been waiting for basically a month here
Severity: normal → critical

Comment 12

6 years ago
What is the ETA on getting a response here? Last I heard from Michael was 11 days ago via email where he said that he was getting help from someone else with more experience with our repo setup.

Comment 13

6 years ago
Dave, tried getting in touch with you on IRC, no response.

I'd like you to try this simple change :

ssh -v

With the correct SSH keys and let me know if that doesn't work. 



6 years ago
Assignee: mburns → shyam

Comment 14

6 years ago
Should be good to go. The account was created incorrectly and I had to fiddle with LDAP to make sure it was good to go. I blew away the old one and re-did the account.

Dave says he can now auth successfully. I've given the account scm_level_2 which should be sufficient to commit to the repos mentioned in comment #3.
Last Resolved: 6 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.