I have just set up my own gitea service on the Ubuntu server (the server is run with user gitea). The following steps have been done:
generate ssh key on my windows pc, and store at C:\Users<user_name>\.ssh, namely id_rsa_gitea and id_rsa_gitea.pub
copy and set the public key on my gitea account setting page
There are existing key files for my GitHub account in the directory, namely id_rsa and id_rsa.pub. I modified the file config in the same directory as
Host github.com
HostName github.com
User git
IdentityFile C:/Users/<user_name>/.ssh/id_rsa
IdentitiesOnly yes
Host 192.168.200.101
HostName 192.168.200.101
User gitea
IdentityFile C:/Users/<user_name>/.ssh/id_rsa_gitea
IdentitiesOnly yes
Pushing to GitHub works fine. But when I try to push to gitea, it gets
$ git push -u origin master
gitea#192.168.200.101's password:
Permission denied, please try again.
gitea#192.168.200.101's password:
Permission denied, please try again.
gitea#192.168.200.101's password:
\302\226gitea#192.168.200.101: Permission denied (publickey,password).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I have tested the ssh connection in the git bash console with ssh -v gitea#192.168.200.101, and gets
OpenSSH_7.6p1, OpenSSL 1.0.2m 2 Nov 2017
debug1: Reading configuration data /c/Users/admin/.ssh/config
debug1: /c/Users/admin/.ssh/config line 26: Applying options for 192.168.200.101
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 192.168.200.101 [192.168.200.101] port 22.
debug1: Connection established.
debug1: identity file C:/Users/admin/.ssh/id_rsa_gitea type 0
debug1: key_load_public: No such file or directory
debug1: identity file C:/Users/admin/.ssh/id_rsa_gitea-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.10 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.200.101:22 as 'gitea'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256#libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64-etm#openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64-etm#openssh.com compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:YqpRDueradBcei52m4ahex5DgTOwI3QvgJohoZSMzTs
debug1: Host '192.168.200.101' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/admin/.ssh/known_hosts:23
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:DCCnO6UzUiXYhZiNxeaS4SV05fIUZhHK/ZGDPPI6cwc C:/Users/admin/.ssh/id_rsa_gitea
debug1: Server accepts key: pkalg rsa-sha2-512 blen 535
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.200.101 ([192.168.200.101]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00#openssh.com want_reply 0
debug1: Remote: Forced command.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: PTY allocation disabled.
debug1: Remote: Forced command.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: PTY allocation disabled.
PTY allocation request failed on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow#openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Connection to 192.168.200.101 closed.
Transferred: sent 3720, received 3624 bytes, in 0.2 seconds
Bytes per second: sent 15126.0, received 14735.7
debug1: Exit status 1
I've tried multiple variations of this, but none of them seem to work. Any ideas?
Update: Push with http works fine. I switched back to ssh and tried to push again, now I get:
Pushing to gitea#192.168.200.101:guanhuizhe/example-repo.git
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
During this push the sshd log of the ubuntu server is:
Oct 16 18:08:29 DataStorage2 sshd[29981]: Accepted publickey for gitea from 192.168.200.141 port 14967 ssh2: RSA SHA256:DCCnO6UzUiXYhZiNxeaS4SV05fIUZhHK/ZGDPPI6cwc
Oct 16 18:08:29 DataStorage2 sshd[29981]: pam_unix(sshd:session): session opened for user gitea by (uid=0)
Oct 16 18:08:29 DataStorage2 sshd[30017]: Received disconnect from 192.168.200.141 port 14967:11: disconnected by user
Oct 16 18:08:29 DataStorage2 sshd[30017]: Disconnected from 192.168.200.141 port 14967
Oct 16 18:08:29 DataStorage2 sshd[29981]: pam_unix(sshd:session): session closed for user gitea
Update v2:
The problem is caused by the Ubuntu user I used to run the gitea binary. This user does not have shell. I delete the user and configure a normal user. Everything works fine. Thanks for every one!!
\302\226gitea#192.168.200.101 means the origin in the local git config file .git/config is not gitea, but <START OF GUARDED AREA>gitea.
You can change your Host entry (in ~/.ssh/config) with "gitea" (easier to type than 192.168.200.101)
Test it with:
ssh -Tv gitea
Check also the ~gitea/.ssh/authorized_keys file, to ensure the public key has been added by gitea, and is in a SSH forced command line.
You should see something like:
command="/path/to/gitea --config='/path/to/app.ini' serv key-2",\
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty \
ssh-rsa <yourPublicKey>
If you want to use your ~/.ssh/config entry, then you will need to change your remote:
cd /path/to/repo
git remote set-url origin gitea:<me>/myrepo
Related
When I try to connect using Windows ssh to Windows OpenSSH server using a private key, ssh still ask for password.
I have installed OpenSSH by adding OpenSSH Server Windows additional capabilites.
I started manually the OpenSSH SSH Server Windows service using Windows service management console.
Then I created a public/private key pair using ssh-keygen -t ed255519
I have copied the public key in clientssh account .ssh directory with:
PS C:\Users\user> ssh clientssh#127.0.0.1 mkdir C:\Users\clientssh\.ssh\
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:FD9uvvMTBBDMF3jkzZTMEk7iUImY/a7oZRe+wwusCN4.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '127.0.0.1' (ECDSA) to the list of known hosts.
clientssh#127.0.0.1's password:
PS C:\Users\user> scp .ssh\id_ed25519.pub clientssh#127.0.0.1:C:\Users\clientssh\.ssh\authorized_keys
clientssh#127.0.0.1's password:
id_ed25519.pub 100% 103 51.5KB/s 00:00
And then when I try to connect to clientssh account I am asked the password of the private key which shows that ssh has found it, that it succeeded to uncrypt it (no requested again) but then the key seems to be ignored because I am also requested the clientssh password.
PS C:\Users\user> ssh -v clientssh#127.0.0.1 dir .ssh
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file C:\\Users\\user/.ssh/id_rsa type -1
debug1: identity file C:\\Users\\user/.ssh/id_rsa-cert type -1
debug1: identity file C:\\Users\\user/.ssh/id_dsa type -1
debug1: identity file C:\\Users\\user/.ssh/id_dsa-cert type -1
debug1: identity file C:\\Users\\user/.ssh/id_ecdsa type -1
debug1: identity file C:\\Users\\user/.ssh/id_ecdsa-cert type -1
debug1: identity file C:\\Users\\user/.ssh/id_ed25519 type -1
debug1: identity file C:\\Users\\user/.ssh/id_ed25519-cert type -1
debug1: identity file C:\\Users\\user/.ssh/id_xmss type -1
debug1: identity file C:\\Users\\user/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_for_Windows_8.1
debug1: match: OpenSSH_for_Windows_8.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 127.0.0.1:22 as 'clientssh'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:FD9uvvMTBBDMF3jkzZTMEk7iUImY/a7oZRe+wwusCN4
debug1: Host '127.0.0.1' is known and matches the ECDSA host key.
debug1: Found key in C:\\Users\\user/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: Will attempt key: C:\\Users\\user/.ssh/id_rsa
debug1: Will attempt key: C:\\Users\\user/.ssh/id_dsa
debug1: Will attempt key: C:\\Users\\user/.ssh/id_ecdsa
debug1: Will attempt key: C:\\Users\\user/.ssh/id_ed25519
debug1: Will attempt key: C:\\Users\\user/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: C:\\Users\\user/.ssh/id_rsa
debug1: Trying private key: C:\\Users\\user/.ssh/id_dsa
debug1: Trying private key: C:\\Users\\user/.ssh/id_ecdsa
debug1: Trying private key: C:\\Users\\user/.ssh/id_ed25519
debug1: read_passphrase: can't open /dev/tty: No such file or directory
Enter passphrase for key 'C:\Users\user/.ssh/id_ed25519':
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: C:\\Users\\user/.ssh/id_xmss
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such file or directory
clientssh#127.0.0.1's password:
debug1: Authentication succeeded (password).
Authenticated to 127.0.0.1 ([127.0.0.1]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00#openssh.com want_reply 0
debug1: Sending command: dir .ssh
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est FA33-B148
Répertoire de C:\Users\clientssh\.ssh
22/08/2022 16:38 <DIR> .
22/08/2022 16:38 <DIR> ..
22/08/2022 16:38 103 authorized_keys
1 fichier(s) 103 octets
2 Rep(s) 54860242944 octets libres
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2136, received 3084 bytes, in 0.1 seconds
note: I fixed few invalid code page characters in above capture.
I read the other topics close to this one but either they are not applicable because Linux oriented or because there is no real solution. The only thing I get from them is the idea to use -v on ssh. Though this does not helped me a lot...
I finally found Windows OpenSSH troubleshooting documentation that is located on GitHub (not on traditional Microsoft site!):
https://github.com/PowerShell/Win32-OpenSSH/wiki/Troubleshooting-Steps
As explained in that documentation, I added the DEBUG3 log level to OpenSSH server configuration file (lower debug levels do not reveal the issue). And I found that the access to authorization file in clientssh account was authorized for user account.
16004 2022-08-24 10:01:54.598 debug1: trying public key file C:\\Users\\clientssh\\.ssh/authorized_keys
16004 2022-08-24 10:01:54.599 debug3: Bad permissions. Try removing permissions for user: DESKTOP-N2I2AHF\\user (S-1-5-21-2546763314-2673200902-885207948-1001) on file C:/Users/clientssh/.ssh/authorized_keys.
16004 2022-08-24 10:01:54.599 Authentication refused.
This was surprising because I copied the file using ssh.
But I finally understood how the access rights have been corrupted: I had verified with the user account that the authorized file had been correctly copied. This was possible because user account has administrative privileges. And it appears that when you ask to access to a directory you normally have no access rights, instead of impersonating administrator to get the rights, the Explorer modifies the directory access rights to give you permanent access to the directory!
Removing user access to clientssh account allows OpenSSH to work properly.
I am trying to configure git server and client on two local windows machines. I installed git software on both the machines. Enabled openssh server optional feature on the server and created a bare repository on the server. Then tried to clone the server's bare repository on the client, it asked me the password of the server's user but, even after I entered the right password it was giving the below error message.
Permission denied (publickey,password,keyboard-interactive).
I have tried to figure out the cause for the error. After browsing for this error on google I got to know that it is ssh not configured properly. One suggestion I found was to check if ssh working properly without git involvement using the command
ssh -Tv ram-pc1#10.208.27.100, it also failed by giving below error message:
$ ssh -Tv ram-pc1#10.208.27.100
OpenSSH_7.7p1, OpenSSL 1.0.2p 14 Aug 2018
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 10.208.27.100 [10.208.27.100] port 22.
debug1: Connection established.
debug1: identity file /c/Users/Admin/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Admin/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Admin/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Admin/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Admin/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Admin/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Admin/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Admin/.ssh/id_ed25519-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Admin/.ssh/id_xmss type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Admin/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_for_Windows_7.6
debug1: match: OpenSSH_for_Windows_7.6 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.208.27.100:22 as 'ram-pc1'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:27NSp0TODhiZ68zbYLvsaqPNMp8tE0ZanMeoeQp+u14
debug1: Host '10.208.27.100' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/Admin/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:2KyRU6bbWWkN+IBYN6xiuWQuHl0pKL6Cim6K4/6RBek /c/Users/Admin/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /c/Users/Admin/.ssh/id_dsa
debug1: Trying private key: /c/Users/Admin/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/Admin/.ssh/id_ed25519
debug1: Trying private key: /c/Users/Admin/.ssh/id_xmss
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
ram-pc1#10.208.27.100's password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
ram-pc1#10.208.27.100's password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
ram-pc1#10.208.27.100's password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: No more authentication methods to try.
ram-pc1#10.208.27.100: Permission denied (publickey,password,keyboard-interactive).
Below is my ssh_config file settings:
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey __PROGRAMDATA__/ssh/ssh_host_rsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_dsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_ecdsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_ed25519_key
# Ciphers and keying
#RekeyLimit default none
# Logging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
# For this to work you will also need host keys in %programData%/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#PermitUserEnvironment no
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp sftp-server.exe
# Example of overriding settings on a per-user basis
#Match User anoncvs
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
I have spent a lot of time to resolve this error. But not succeeded. Please help in solving this problem. Thanks in advance.
Check the content of ~ram-pc1/.ssh/authorized_keys on the 10.208.27.100 server side: it should include your public key.
Said public key should be an rsa one (without passphrase for now) named C:\Users\Admin\.ssh\id_rsa.pub (and id_rsa for the private) key, generated with ssh-keygen -t rsa -P ""
I'm using -oBatchMode=yes to suppress the interactive password, in case the keys are misconfigured.
I've used 'diff' to compare the debug output, and there's no change until 'Server accepts key: pkalg ssh-rsa blen 279', where the next line is either 'Authentication succeeded' or trying more private keys.
From the script and from the command-line, running without batch mode results in a successful login:
$ ssh -v qa#192.168.19.81 uptime
.
.
Warning: Permanently added '192.168.19.81' (ECDSA) to the list of known hosts.
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/tim/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
--- things change from here
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.19.81 ([192.168.19.81]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00#openssh.com want_reply 0
debug1: Requesting authentication agent forwarding.
debug1: Sending command: uptime
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow#openssh.com reply 0
13:24 up 3 days, 3:04, 2 users, load averages: 1.76 1.62 1.61
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2768, received 3080 bytes, in 0.0 seconds
Bytes per second: sent 129171.8, received 143731.6
debug1: Exit status 0
But the same fails with -oBatchMode=yes:
$ ssh -v -oBatchMode=yes qa#192.168.19.81 uptime
OpenSSH_7.4p1, LibreSSL 2.5.0
.
.
debug1: Offering RSA public key: /Users/tim/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
--- things change from here
debug1: Trying private key: /Users/tim/.ssh/id_dsa
debug1: Trying private key: /Users/tim/.ssh/id_ecdsa
debug1: Trying private key: /Users/tim/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey,password,keyboard-interactive).
$
Remote machine:
Darwin qa-ffc-mbp-2.lnd 16.7.0 Darwin Kernel Version 16.7.0: Thu Jun 15 17:36:27 PDT 2017; root:xnu-3789.70.16~2/RELEASE_X86_64 x86_64
My machine:
Darwin TimBs-MacBook-Pro-3483.local 16.6.0 Darwin Kernel Version 16.6.0: Fri Apr 14 16:21:16 PDT 2017; root:xnu-3789.60.24~6/RELEASE_X86_64 x86_64
update: I copied the id_rsa and id_rsa.pub from an account that doesn't have this problem, and it started working. But my id_rsa.pub is correctly listed in the target machine's authorized_keys. I even regenerated my public key from the private one, in case it had become corrupted. No dice. I'm reluctant to change my key for obvious reasons.
You can try adding these lines to your ~/.ssh/config file:
Host *
UseKeychain yes
AddKeysToAgent yes
Seems Apple's integration of keychain is disabled by BatchMode=yes
If I eval $(ssh-agent) and ssh-add my identity, everything works.
The reason the other account's key worked was because it had an empty passphrase.
I have been facing this annoying error when trying to setup Github on Mac, OS version is Lion. Basically, I followed the steps as mentioned at this URL: http://help.github.com/mac-set-up-git/
I always stuck at the step of executing this command "ssh -T git#github.com"
I have tried to output the debugging message and below is the message log. The last message shows that it's due to an error 'Write failed: Broken pipe'.
Please give me a solution to fix this error if you have ever encountered this error before and able to fix it. Thanks a lot.
user-users-macbook:.ssh useruser$ ssh -vT git#github.com
OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: Applying options for *
debug1: Connecting to github.com [207.97.227.239] port 22.
debug1: Connection established.
debug1: identity file /Users/useruser/.ssh/id_rsa type 1
debug1: identity file /Users/useruser/.ssh/id_rsa-cert type -1
debug1: identity file /Users/useruser/.ssh/id_dsa type -1
debug1: identity file /Users/useruser/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5github2
debug1: match: OpenSSH_5.1p1 Debian-5github2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /Users/useruser/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/useruser/.ssh/id_rsa
debug1: Remote: Forced command: gerve thsonvt
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Remote: Forced command: gerve thsonvt
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Authentication succeeded (publickey).
Authenticated to github.com ([207.97.227.239]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LC_CTYPE = UTF-8
Write failed: Broken pipe
Write failed: Broken pipe just means that, for whatever reason, the connection broken. This can happen for any number of reasons, such as a timeout occurring, or your connection to the server being broken due to your internet connection dropping out, etc. Increasing the ServerAliveInterval can help; ask at ServerFault if you're after more information about SSH settings, as it's off-topic for StackOverflow :)
For you, though, this is irrelevant; from your debug output it's pretty clear that you've set up your SSH keys successfully (debug1: Authentication succeeded (publickey) and following lines).
It also looks like you've done step 5 of that tutorial more than once; debug1: Found key in /Users/useruser/.ssh/known_hosts:1 means that you've already added the remote host to your list of known hosts (which is what typing yes is all about in step 5 of that tutorial).
Feel free to continue on to the next section (Then: Set Up Your Info); you've done everything you need to for step 1 to step 5.
Try adding
ClientAliveInterval 15
Original answer:
Try adding the following line to your /etc/ssh/ssh_config
ServerAliveInterval 120
I'm having a miserable time trying to integrate GitHub with my iOS Xcode project. Something got screwed up, so I decided to just start from scratch. I'm using Xcode version 11.0. The problems seem to have started back when I upgraded from version 9.0.
I have GitHub setup in Xcode using SSH key, but I have also tried with HTTPS.
I used rm -rf .git to remove the existing repositories. Then used Source Control / Create Git Repositories... in Xcode to recreate them.
It created the local repositories as expected and I also created the remote ones on GitHub.
However, when I try to commit or push, I get the following error:
If I try the Fetch and Refresh Status option, I get the following:
The error messages aren't particularly enlightening. I'm not sure what to try next. I have tried manually creating the remote repositories right on GitHub, as well as letting Xcode create them, but I get the same result. I even uninstalled and re-installed Curl. Is there something obvious I should be doing, a log I can check, or some other way to get any useful info about this? Thanks.
EDIT:
Here are the results from the ssh call suggested.
Black-Mac-Pro:~ sheldon$ ssh -i ~/.ssh/id_github -Tv git#github.com
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Volumes/PEGASUS/Users/sheldon/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to github.com port 22.
debug1: Connection established.
debug1: identity file /Volumes/PEGASUS/Users/sheldon/.ssh/id_github type 0
debug1: identity file /Volumes/PEGASUS/Users/sheldon/.ssh/id_github-cert type -1
debug1: identity file /Volumes/PEGASUS/Users/sheldon/.ssh/Y2goAWS.pem type -1
debug1: identity file /Volumes/PEGASUS/Users/sheldon/.ssh/Y2goAWS.pem-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version babeld-a81b9751
debug1: no match: babeld-a81b9751
debug1: Authenticating to github.com:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /Volumes/PEGASUS/Users/sheldon/.ssh/known_hosts:4
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: Will attempt key: /Volumes/PEGASUS/Users/sheldon/.ssh/id_github RSA SHA256:urvuR2AnjonUD93eMeBsznrm+e/C0u3kDAiFGFFHT2U explicit
debug1: Will attempt key: /Volumes/PEGASUS/Users/sheldon/.ssh/Y2goAWS.pem explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /Volumes/PEGASUS/Users/sheldon/.ssh/id_github RSA SHA256:urvuR2AnjonUD93eMeBsznrm+e/C0u3kDAiFGFFHT2U explicit
debug1: Server accepts key: /Volumes/PEGASUS/Users/sheldon/.ssh/id_github RSA SHA256:urvuR2AnjonUD93eMeBsznrm+e/C0u3kDAiFGFFHT2U explicit
Enter passphrase for key '/Volumes/PEGASUS/Users/sheldon/.ssh/id_github':
debug1: Authentication succeeded (publickey).
Authenticated to github.com ([140.82.113.3]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = en_CA.UTF-8
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi lastmboy! You've successfully authenticated, but GitHub does not provide shell access.
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2684, received 2228 bytes, in 0.1 seconds
Bytes per second: sent 26179.5, received 21731.7
debug1: Exit status 1
Black-Mac-Pro:~ sheldon$ git ls-remote git#github.com:lastmboy/y2go.git
git#github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
EDIT (10-Oct-2019):
Now I'm getting the following:
Black-Mac-Pro:y2go sheldon$ ssh -i ~/.ssh/id_rsa git#github.com
###########################################################
# WARNING: UNPROTECTED PRIVATE KEY FILE! #
###########################################################
Permissions 0644 for '/Volumes/PEGASUS/Users/sheldon/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/Volumes/PEGASUS/Users/sheldon/.ssh/id_rsa": bad permissions
git#github.com: Permission denied (publickey).
curl should not be involved if you are using SSH.
Check first if your SSH key works and if GitHub recognizes you (meaning you have registered the public key on your GitHub profile)
ssh -i ~/.ssh/id_github -Tv git#github.com
(assuming here your id_github and id_github.pub files are in ~/.ssh/)
You should see a Welcome message at the end.
If not, recreate the key using the old PEM format:
ssh-keygen -t rsa -C "xxx#yyyy.com" -m PEM -P "" -f ~/.ssh/id_github2
Then check the remote URL exists: git ls-remote git#github.com:<YourGitHubAccount>/<YourRepo>
Only then can you test XCode.