I'm starting using Amazon EC2 service. I have installed an Amazon Linux instance, set the PEM file, opened the SSH ports and installed a GIT service.
My local environment it's Windows 8.
Through putty and WinSCP I can connect without problems. I have followed the docs and converted my PEM file to a PPK and everything works fine.
The problem is when I try to do a git push from my local machine. I always get a "permission denied (public key)" when I try to connect. I have made a ssh-add to PEM file using the git bash, generated a custom key trough the GIT Bash and added this key to the key pars at the EC2 Instance and nothing works...
If I try (using git bash) a ssh -i and specify the PEM file, I have a connection.
ssh -i c:/[PATH]/[PEM-FILE].pem ec2-user#[HOST].compute.amazonaws.com
If I try without -i, no connection.
$ ssh ec2-user#[HOST].compute.amazonaws.com
Permission denied (publickey).
Here follows the trace with -vT command:
ssh -vT ec2-user#[HOST].compute.amazonaws.com
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Connecting to [HOST].compute.amazonaws.com [54.201.
110.48] port 22.
debug1: Connection established.
debug1: identity file [PATH]/Usuario/.ssh/identity type -1
debug1: identity file [PATH]/Usuario/.ssh/id_rsa type 1
debug1: identity file [PATH]/Usuario/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '[HOST].compute.amazonaws.com' is known and ma
tches the RSA host key.
debug1: Found key in [PATH]/Usuario/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: [PATH]/Usuario/.ssh/identity
debug1: Offering public key: [PATH]/Usuario/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: [PATH]/Usuario/.ssh/id_dsa
debug1: No more authentication methods to try.
Permission denied (publickey).
So, there's a way to connect via SSH without the -i option?
After several tries, I found an article with some instructions here https://serverfault.com/questions/194567/how-do-i-tell-git-for-windows-where-to-find-my-private-rsa-key
I followed these steps: "After you have the home directory, and a .ssh folder under that, you want to open PuTTYgen and open the key (.ppk file) you have previously created. Once your key is open, you want to select Conversions -> Export OpenSSH key and save it to HOME.ssh\id_rsa. After you have the key at that location, Git bash will recognize the key and use it"
#Everton Menonca'a asnwer it great. It saved my day in fact. Just for the sake of more details, I am going to mention my case:
Load the private key (generated by EC2) in your PuTTYgen, and from it, export OpenSSH key.
Place the exported file in the home directory of all keys. In my case (windows) was C:\Users\USERNAME\.ssh
Since I have multiple remotes I am connecting to using Bash, I updated my config file (under the same directory), by adding extra entry, to be like the following:
Host bitbucket.org
IdentityFile ~/.ssh/id_rsa1
Host ec2-00-00-000-00.compute-1.amazonaws.com
IdentityFile ~/.ssh/id_rsa2
That's all
Related
Using my current MacBook, at previous companies I've been able to ssh to EC2 instances. At the new company, which has EC2 instances running Centos 6, which is running an old version of OpenSSL, (an old version of libssl) I cannot seem to ssh. I always get:
Permission denied (publickey).
So, for instance, on one server, the devops engineer installed my ssh public key, and they white listed my home IP address.
They sent me this block of text, which I put in my ~/.ssh/config file.
Host never_dev
HostName neverstaydev.com
User neverst
IdentityFile ~/.ssh/id_ed25519
Host beta
HostName 12.18.125.53
User neverst
IdentityFile ~/.ssh/id_ed25519
The only thing I changed was the name of the key, which is correct. But if I try this:
ssh -v never_dev
I get:
OpenSSH_8.1p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/admin/.ssh/config
debug1: /Users/admin/.ssh/config line 1: Applying options for never_dev
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug1: Connecting to neverstaydev.com port 22.
debug1: Connection established.
debug1: identity file /Users/admin/.ssh/id_ed25519 type 3
debug1: identity file /Users/admin/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000002
debug1: Authenticating to neverstaydev.com:22 as 'neverst'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64#openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64#openssh.com compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:UJ9EFg/QTnxCP+/9/P8b+jSpKozY1IbaN3M5jOoz8e0
debug1: Host 'neverstaydev.com' is known and matches the RSA host key.
debug1: Found key in /Users/admin/.ssh/known_hosts:24
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 4294967296 blocks
debug1: Will attempt key: /Users/admin/.ssh/id_ed25519 ED25519 SHA256:fBRwhBVpzb6ve5cDwmMS1R0UlhzSaVg9E62WW7riRZA explicit
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /Users/admin/.ssh/id_ed25519 ED25519 SHA256:fBRwhBVpzb6ve5cDwmMS1R0UlhzSaVg9E62WW7riRZA explicit
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
neverst#neverstaydev.com: Permission denied (publickey).
All of the developers are sharing one account on this EC2 instance, and everyone else can log in, except me. But my IP address has been whitelisted, since, as you can see above, my machine engages in dialogue with the EC2 instance.
I've tried different permissions on the private key, both 0400 and 0600. That has no effect.
Likewise, they have AMIs based on these machines, so I spun up a new EC2 instance based on the AMI, creating a new key pair. I then tried to ssh to the new EC2 instance, using the new key pair. But still the same problem:
Permission denied (publickey)
What might cause this?
The devops engineer suggested that I do:
ssh-keygen -t rsa -b 4096 -C "neverstay-key"
Now, and then I gave them my public key, which they installed on their side, and now when I try to ssh to the server, I get:
ssh-keygen -t rsa -b 4096 -C "lawarance-futurestay-key"
I have been trying for 3 days now to set up git/ssh to work with bitbucket.org on windows 10.
Made a little progress. Now the log is...
Ian#Helike MINGW64 /m/websites/coachmaster (master)
$ ssh -v git#bitbucket.org
OpenSSH_8.0p1, OpenSSL 1.1.1c 28 May 2019
debug1: Reading configuration data /c/Users/Ian Hobson/.ssh/config
debug1: /c/Users/Ian Hobson/.ssh/config line 1: Applying options for bitbucket.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to bitbucket.org [18.205.93.1] port 22.
debug1: Connection established.
debug1: identity file D:\\Ian\\keyfiles\\ianhobson-bitbucket type -1
debug1: identity file D:\\Ian\\keyfiles\\ianhobson-bitbucket-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.0
debug1: Remote protocol version 2.0, remote software version conker_e350bda95a app-131
debug1: no match: conker_e350bda95a app-131
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256#libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /c/Users/Ian Hobson/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: D:\\Ian\\keyfiles\\ianhobson-bitbucket explicit
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: D:\\Ian\\keyfiles\\ianhobson-bitbucket
sign_and_send_pubkey: no mutual signature supported
debug1: No more authentication methods to try.
git#bitbucket.org: Permission denied (publickey).
Ian#Helike MINGW64 /m/websites/coachmaster (master)
I can see it is using the correct keyfile. That keyfile, and ~/.ssh/config have been copied from the old machine where it works.
Ian
Try and regenerate your keys with:
ssh-keygen -t rsa -C "my#email.com" -m PEM -P "" -f D:\Ian\keyfiles\ianhobson-bitbucket
Then add the public key to your BitBucket profile.
Make sure your ~/.ssh/config file references that private key
Host bitb
Hostname bitbucket.org
User git
IdentityFile D:\Ian\keyfiles\ianhobson-bitbucket
Then your URL should be:
ssh -v bitb
(not git#bitbicket.org, which would bypass the SSH config file entirely)
I think my error was to install git/tortoise git attempting to use Putty and plink - maybe I tried a mix.
I confirm (as I did in the discussion): no Putty should be needed. OpenSSH is enough.
Problem solved.
I think my error was to install git/tortoise git attempting to use Putty and plink - maybe I tried a mix.
I should have used the other option - Open-SSH? - for both programs.
I went about recovery the long way, by resetting windows and re-installing all programs, so I can not be 100% sure that removing and reinstalling git and tortoise git in this way would have solved the problem.
And a special thanks to VonC for all his efforts to help.
The fundamental problem is that I am never seeing a prompt to enter in my SSH-Key password, SSH-Agent or no. As such, it's acting like I entered the wrong password and defaulting to pretending I have no keys.
This is happening on multiple computers. I set up my ssh keys awhile ago, and everything is great, but every so often I will do a git push (usually after restarting my computer) and I will get asked for my git origin server's password RATHER than my ssh key's password. Since my origin server does not HAVE a password, this leaves me unable to push changes.
Sometimes it resolves itself after restarting, sometimes not. Usually I do a lot of flailing guesses and one of them ends up fixing the problem, but I can't currently remember which ones work and which don't.
What is the CORRECT way to go about fixing this? What is the actual problem? Is my SSH Key locked? Is some windows process not starting correctly? Is a Path variable being eaten? I don't know a lot about windows (usually I develop on linux), so I'm extra at a loss here.
Edit: The first answer mentions ssh-agent. Some googling got me to here:
https://help.github.com/articles/working-with-ssh-key-passphrases/#platform-windows
Which explains how to set up ssh-agent to autostart and know about your keys in windows. (I didn't even know you could use bash profiles in windows).
This did not help.
My git bash now says "Identity added: /c/Users/{{ME}}/.ssh/id_rsa" It does NOT ask me for my key password, and I still cannot push to my origin server (it asks for a server password, still).
I can confirm that my ssh key does live in the place the agent is looking. I can also confirm that the key is added: ssh-add -l shows a single key, from the location my key is stored.
Edit: Setting GIT_SSH as an environment variable pointing at the executable for ssh does nothing either, but it was a long shot anyways.
Edit: ssh git#git.myhost.com outputs:
$ ssh -v git#git.myhost.lan
OpenSSH_6.6.1, OpenSSL 1.0.1i 6 Aug 2014
debug1: Reading configuration data /c/Users/eschjen/.ssh/config
debug1: /c/Users/eschjen/.ssh/config line 1: Applying options for git.myhost
.lan
debug1: Connecting to git.myhost.lan [10.116.22.40] port 22.
debug1: Connection established.
debug1: identity file /c/Users/eschjen/.ssh/id_rsa type 1
debug1: identity file /c/Users/eschjen/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA ae:81:77:0d:1c:8e:6a:aa:a8:69:36:1b:e4:ca:33:ee
debug1: Host 'git.myhost.lan' is known and matches the RSA host key.
debug1: Found key in /c/Users/eschjen/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mi
c,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/eschjen/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mi
c,password
debug1: Next authentication method: password
git#git.myhost.lan's password:
The output screen helped me take the tack that the ssh key was being used, but rejected by the server. I found that the ssh key my server knows about does not match the ssh key my machine has, somehow, despite everything working fine less than a month ago. I re-added the ssh key I have, and was able to push my changes.
Anybody have any idea how the ssh key would be re-generated (I'm fairly sure I didn't do it explicitly) during all of this?
It's not enough to add the identity. There should be a file called config(no extension) in your C:\Users\{{username}}\.ssh directory.
You can define the key to use for a given host there like this:
Host myhost.name.com
IdentityFile ~/.ssh/my_keyfile_name
The result of correct configuration is a input request for a password:
Enter passphrase for key '/c/Users/{{username}}/.ssh/my_keyfile_name':
Edit1: You can retrieve the verbose output of ssh by adding the -v parameter. Real world example (host name replaced):
λ ssh -v igor#myhost.at
OpenSSH_6.6.1, OpenSSL 1.0.1m 19 Mar 2015
debug1: Reading configuration data /c/Users/Igor/.ssh/config
debug1: /c/Users/Igor/.ssh/config line 4: Applying options for myhost.at
debug1: Connecting to myhost.at [192.168.2.1] port 22.
debug1: Connection established.
debug1: identity file /c/Users/Igor/.ssh/myhost-server type -1
debug1: identity file /c/Users/Igor/.ssh/myhost-server-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6+squeeze5
debug1: match: OpenSSH_5.5p1 Debian-6+squeeze5 pat OpenSSH_5* compat 0x0c000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 67:3f:96:7b:6a:68:55:89:a8:30:a9:ed:67:ef:40:a4
debug1: Host 'myhost.at' is known and matches the RSA host key.
debug1: Found key in /c/Users/Igor/.ssh/known_hosts:3
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/Igor/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /c/Users/Igor/.ssh/myhost-server
debug1: key_parse_private2: missing begin marker
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/c/Users/Igor/.ssh/myhost-server':
I think this would help tremendously. Added comment to OP requesting this information.
you need to tell your computer to add the key again after restarting the system. Most of the time this is done with the ssh-agent
I wasted several hours trying to solve the same problem - SSH would not ask for the passphrase for my keypair even with pageant NOT running.
SSH uses different key formats (SSH-1 and SSH-2), and more importantly, refuses to read RSA keys if they are in SSH-2 format. Generating the keypair with Puttygen and then converting it to SSH-1 format to save in .ssh\id_rsa solved the problem for me.
Generate a keypair
Save it with a meaningful name (like Basement-Computer.ppk)
Export the file to OpenSSH format and save it with the name id_rsa (no extension)
Git clone will now ask for the passphrase (or at least it did for me). Google's instructions for setting up a Git repo https://cloud.google.com/source-repositories/docs/authentication#ssh neglects to mention that crucial third step.
I have read several StackOverflow articles on this problem and googled other sources with no luck. I've checked AWS documentation and can't resolve the issue. I have been working on this for several hours and am really stuck.
I've found articles referring to similar problems but the issue looks to always be a typo or mistake on the user's part. In my case, I'm confident I have ensured there are no typos or errors in what I'm doing.
I'm using Mac OS X Yosemite to connect to my AWS EC2 instance. I cannot scp files from my local machine to my instance, but I have been able to in the past, I believe before I upgraded to Yosemite (although I'm not 100% certain about before or after the upgrade). Regardless, I'm now getting a permission denied error.
I am able to ssh just fine into my instance. I do so like this:
ssh -i mykey.pem ec2-user#myEC2host.myzone.compute.amazonaws.com
Everything works fine with the ssh. But when I attempt scp like this:
scp —i mykey.pem ~/Sites/test.html ec2-user#myEC2host.myzone.compute.amazonaws.com:/var/www/html/
I get the following error:
Permission denied (publickey). lost connection
I've been trying this for hours and have confirmed the following:
I CAN ssh in just fine.
My .pem file has 400 permissions and
is not viewable to the world.
I have correct permissions and ownership in the /var/www and /var/www/html folders
(I went through the amazon setup tutorial again and ensured I used all permission settings as they described. My user is part of the group with access to those folders.
When I run the scp -v command I can see that scp does not appear to be even trying to use the specified Identity file. I get the following output:
(Notice the program being executed has dropped the -i from the scp command)
Executing: program /usr/bin/ssh host myEC2host.myzone.compute.amazonaws.com, user ec2-user, command scp -v -d -t /var/www/html/
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to myEC2host.myzone.compute.amazonaws.com [public AWS ip] port 22.
debug1: Connection established.
debug1: identity file /Users/myusername/.ssh/id_rsa type -1
debug1: identity file /Users/myusername/.ssh/id_rsa-cert type -1
debug1: identity file /Users/myusername/.ssh/id_dsa type -1
debug1: identity file /Users/myusername/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm#openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm#openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA {some hex output}
debug1: Host 'myEC2host.myzone.compute.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /Users/myusername/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/myusername/.ssh/id_rsa
debug1: Trying private key: /Users/myusername/.ssh/id_dsa
debug1: No more authentication methods to try.
Permission denied (publickey).
lost connection
However, when I run ssh -v I get the following output which DOES immediately use the correct Identify file:
ssh -v -i mykey ec2-user#myEC2host.myzone.compute.amazonaws.com
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to myEC2host.myzone.compute.amazonaws.com [54.69.211.59] port 22.
debug1: Connection established.
debug1: identity file mykey.pem type -1
debug1: identity file mykey.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm#openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm#openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA {some hex output}
debug1: Host 'myEC2host.myzone.compute.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /Users/myusername/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: mike.pem
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to myEC2host.myzone.compute.amazonaws.com ([myEC2IP]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_CA.UTF-8
I'm not sure what else to try or how I might be able to resolve this. I'm hoping somebody will have the same environment and can confirm the issue or supply a resolution.
Thanks in advance!
scp —i mykey.pem ~/Sites/test.html ec2-user#myEC2host.myzone.compute.amazonaws.com:/var/www/html/
Executing: program /usr/bin/ssh host myEC2host.myzone.compute.amazonaws.com, user ec2-user, command scp -v -d -t /var/www/html/
The dash in your scp —i... command is a unicode EM dash, not an ASCII dash. Scp isn't interpreting it as a command-line option.
In fact it interpreted "—i", "mykey.pem", and "~/Sites/test.html" as three files to be copied. You can tell this because scp added "-d" to the command line for the remote scp instance. The "-d" flag tells the remote scp instance that the target has to be a directory. scp adds that flag to the remote command when it's copying more than one file, but not for copying a single file.
Maybe you copied the scp command from a word processing document? Microsoft Word is notorious for changing dashes and quote marks to typesetting versions. It's something to be careful about.
Kenster correctly pointed out that the dash in the -i in my code was in fact converted to an EMdash prior to my pasting it into Terminal. :-s
Retyping the entire command corrected the issue.
Thanks for catching my oversight.
I'm having a miserable time trying to integrate GitHub with my iOS Xcode project. Something got screwed up, so I decided to just start from scratch. I'm using Xcode version 11.0. The problems seem to have started back when I upgraded from version 9.0.
I have GitHub setup in Xcode using SSH key, but I have also tried with HTTPS.
I used rm -rf .git to remove the existing repositories. Then used Source Control / Create Git Repositories... in Xcode to recreate them.
It created the local repositories as expected and I also created the remote ones on GitHub.
However, when I try to commit or push, I get the following error:
If I try the Fetch and Refresh Status option, I get the following:
The error messages aren't particularly enlightening. I'm not sure what to try next. I have tried manually creating the remote repositories right on GitHub, as well as letting Xcode create them, but I get the same result. I even uninstalled and re-installed Curl. Is there something obvious I should be doing, a log I can check, or some other way to get any useful info about this? Thanks.
EDIT:
Here are the results from the ssh call suggested.
Black-Mac-Pro:~ sheldon$ ssh -i ~/.ssh/id_github -Tv git#github.com
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Volumes/PEGASUS/Users/sheldon/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to github.com port 22.
debug1: Connection established.
debug1: identity file /Volumes/PEGASUS/Users/sheldon/.ssh/id_github type 0
debug1: identity file /Volumes/PEGASUS/Users/sheldon/.ssh/id_github-cert type -1
debug1: identity file /Volumes/PEGASUS/Users/sheldon/.ssh/Y2goAWS.pem type -1
debug1: identity file /Volumes/PEGASUS/Users/sheldon/.ssh/Y2goAWS.pem-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version babeld-a81b9751
debug1: no match: babeld-a81b9751
debug1: Authenticating to github.com:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /Volumes/PEGASUS/Users/sheldon/.ssh/known_hosts:4
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: Will attempt key: /Volumes/PEGASUS/Users/sheldon/.ssh/id_github RSA SHA256:urvuR2AnjonUD93eMeBsznrm+e/C0u3kDAiFGFFHT2U explicit
debug1: Will attempt key: /Volumes/PEGASUS/Users/sheldon/.ssh/Y2goAWS.pem explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /Volumes/PEGASUS/Users/sheldon/.ssh/id_github RSA SHA256:urvuR2AnjonUD93eMeBsznrm+e/C0u3kDAiFGFFHT2U explicit
debug1: Server accepts key: /Volumes/PEGASUS/Users/sheldon/.ssh/id_github RSA SHA256:urvuR2AnjonUD93eMeBsznrm+e/C0u3kDAiFGFFHT2U explicit
Enter passphrase for key '/Volumes/PEGASUS/Users/sheldon/.ssh/id_github':
debug1: Authentication succeeded (publickey).
Authenticated to github.com ([140.82.113.3]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = en_CA.UTF-8
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi lastmboy! You've successfully authenticated, but GitHub does not provide shell access.
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2684, received 2228 bytes, in 0.1 seconds
Bytes per second: sent 26179.5, received 21731.7
debug1: Exit status 1
Black-Mac-Pro:~ sheldon$ git ls-remote git#github.com:lastmboy/y2go.git
git#github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
EDIT (10-Oct-2019):
Now I'm getting the following:
Black-Mac-Pro:y2go sheldon$ ssh -i ~/.ssh/id_rsa git#github.com
###########################################################
# WARNING: UNPROTECTED PRIVATE KEY FILE! #
###########################################################
Permissions 0644 for '/Volumes/PEGASUS/Users/sheldon/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/Volumes/PEGASUS/Users/sheldon/.ssh/id_rsa": bad permissions
git#github.com: Permission denied (publickey).
curl should not be involved if you are using SSH.
Check first if your SSH key works and if GitHub recognizes you (meaning you have registered the public key on your GitHub profile)
ssh -i ~/.ssh/id_github -Tv git#github.com
(assuming here your id_github and id_github.pub files are in ~/.ssh/)
You should see a Welcome message at the end.
If not, recreate the key using the old PEM format:
ssh-keygen -t rsa -C "xxx#yyyy.com" -m PEM -P "" -f ~/.ssh/id_github2
Then check the remote URL exists: git ls-remote git#github.com:<YourGitHubAccount>/<YourRepo>
Only then can you test XCode.