I'm running Gitea on a virtual machine that is publicly accessible under gitea.myorg.foo. Here's the server part relevant to my SSH configuration of my configuration file:
[server]
SSH_DOMAIN = gitea.myorg.foo
DOMAIN = gitea.myorg.foo
ROOT_URL = https://gitea.myorg.foo/
DISABLE_SSH = false
SSH_PORT = 22
OFFLINE_MODE = false
This means that I'm running the server's sshd, not Gitea's internal sshd.
The server runs under a user called git. In /home/git/.ssh/authorized_keys, the authorized keys (per user and deployment keys) are listed.
Unfortunately, the deployment key is not offered when I try to clone a repository with that deployment key enabled.
Let's say I'd like to clone [email protected]/org/repo.git, I get offered a key with a totally different signature than what is displayed under "Deploy Keys" in the web UI. When I run ssh-keyscan gitea.myorg.foo, I only get signatures not to be found in /home/git/.ssh/authorized_keys.
How can I figure out and configure what keys SSH is offering to the client?
Edit: I noticed that the key offered is the one marked as HostKey defined in /etc/ssh/sshd_config. Do I need to use Gitea's internal SSH server, or could I configure my native SSH server accordingly?
I mixed up the host key and my deployment key. It's totally OK that the host key is returned. However, I made the mistake to rely on the deployment key in the
.knwon_hostsfile, where I should use the host key instead.