SSH key verified on the frontend but logs say otherwise

[mtkgeek]

Description

I tried adding an ssh key to which was successful according to the web admin response I got but pull,clone and push requests were still failing (timing out). So i checked the logs and discovered I had this error even though I got a positive response when I added my ssh key

completed GET /user/events for 172.71.183.101:0, 200 OK in 46734.6ms @ events/events.go:18(events.Events)
2024-07-17T14:00:41.188661775Z 2024/07/17 14:00:41 ...ey/ssh_key_verify.go:38:VerifySSHKey() [E] Unable to validate token signature. Error: ssh: signature did not verify

My Docker compose is shown below

services:
  gitea:
    image: 'gitea/gitea:latest'
    environment:
      - SERVICE_FQDN_GITEA_3000
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=postgresql
      - 'GITEA__database__NAME=${POSTGRESQL_DATABASE-gitea}'
      - GITEA__database__USER=$SERVICE_USER_POSTGRESQL
      - GITEA__database__PASSWD=$SERVICE_PASSWORD_POSTGRESQL
    volumes:
      - 'gitea-data:/data'
      - 'gitea-config:/etc/gitea'
      - 'gitea-timezone:/etc/timezone:ro'
      - 'gitea-localtime:/etc/localtime:ro'
    ports:
      - '22222:22'
    depends_on:
      postgresql:
        condition: service_healthy
    healthcheck:
      test:
        - CMD
        - curl
        - '-f'
        - 'http:https://127.0.0.1:3000'
      interval: 2s
      timeout: 10s
      retries: 15
  postgresql:
    image: 'postgres:16-alpine'
    volumes:
      - 'gitea-postgresql-data:/var/lib/postgresql/data'
    environment:
      - 'POSTGRES_USER=${SERVICE_USER_POSTGRESQL}'
      - 'POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRESQL}'
      - 'POSTGRES_DB=${POSTGRESQL_DATABASE}'
    healthcheck:
      test:
        - CMD-SHELL
        - 'pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}'
      interval: 5s
      timeout: 20s
      retries: 10

Gitea Version

v1.22.1

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

https://gist.github.com/mtkgeek/3634efa854a538cb0569ae5f7a64ec25

Screenshots

Git Version

No response

Operating System

Ubuntu lts 22.04

How are you running Gitea?

Via docker

Database

PostgreSQL

[wolfogre]

Thank you for reporting. You are so observant.

Don't worry, it's not a bug, the point that the token to verify keys is generated according to time and Gitea will try to verify two times.

It happened like:

• 8:10:40, you clicked 'Verify' to generate a token, it's bound to minute 8:10
• 8:11:05, you executed the command and got the signature, then submitted it to Gitea.
• 8:11:06, Gitea tried to verify the signature with current minute 8:11, and failed, so it printed the error log you saw.
• 8:11:06, as fallback, Gitea tried to verify the signature again with previous minute 8:10, and succeed, so it returned OK.

So, the error log just means a failed try.