This is a small thing : Some users don’t seem to be recognised when they’re added to the gitolite.conf, despite the keys being added to the keydir/ and everything being triple-checked.

One thing to check out is the contents of the server’s ~/.ssh/authorised_keys, which is autogenerated by gitolite in a post-update hook.

For most user’s public keys, their username@machine.domain is spelled out in both the filename and inside the key. However, if there’s no . in the machine-domain, the username become simply username when ~/.ssh/authorised_keys is built.

Most machines will default to username@localhost.localdomain if nothing better is suggested. However, Macs apparently do not. And some people also deliberately choose short usernames/hostnames. I was hit by both issues last weekend at a hackathon.
Which cost us a fair bit of time and head-scratching.

Unfortunately, this seems to be by design :

The solution is to either fix up ~/.ssh/authorised_keys to use the complete (which will have to be done repeatedly), or (better, though trickier, since there may be user-name overlap, or stupid-short usernames like ‘m’) just refer to these users by username only in gitolite.conf.