I'm managing multiple heroku accounts and have had to struggle through getting multiple keys added. I've finally done it and I feel confident that I have the correct keys for the correct accounts.
Now, I can push to the first account fine but the second gives me Enter passphrase for key '~/.ssh/key.pub' when I didn't set a passphrase. I tried heroku keys:clear multiple times and re-added keys, both with and without passphrases. When I do enter a passphrase, it gives me three chances and then failed with Permission denied (publickey). When I just enter because the passphrase is empty it goes immediately to Permission denied (publickey).
It may also be noteworthy that the original key was created by heroku and it does not prompt for a passphrase. I've tried generating the account with heroku accounts:add personal --auto as described in the accounts plugin for heroku here and it fails with a No such file or directory - ~/.ssh/identity.heroku.personal.pub when Adding public key to Heroku account: account#gmail.com.
My .ssh/config looks like the following:
Host heroku.personal
HostName heroku.com
IdentityFile "~/.ssh/key.pub"
IdentitiesOnly yes
Host heroku.ad2l
HostName heroku.com
IdentityFile "~/.ssh/another_key.pub"
IdentitiesOnly yes
Anyone have any ideas? Thanks in advance.
Related
I'm trying to configure git so I don't have to keep authenticating (and also learn a bit more about git).
I had previously been using password-based authentication, which is repetitive to keep typing in my passwords. I followed the steps (using windows) to set up SSH keys in github. I gave my key a specific name, anticipating that I will need more than one SSH key at some point. It doesn't make sense to always have id_rsa for github! I received the email that the key was successfully created, and I used git bash (because windows) to start the SSH client silently and added my private key. But running a git clone gave me this error:
git#github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I then had the idea to try it with the default name (id_rsa), rather than my custom name, and of course it works. So my question is how do I avoid this? I don't want the default name to be reserved for github.
You can set up an ssh configuration file to tell the ssh command to use that specific key when connecting to github.
Create the file .ssh/config with the content:
Host github.com
IdentityFile ~/.ssh/github_rsa_key
Assuming that you've named your private key ~/.ssh/github_rsa_key.
Now try connecting to github:
$ ssh git#github.com
You should see:
Hi <your github username>! You've successfully authenticated, but GitHub does not provide shell access.
I have two different accounts where I have to upload changes to, the thing here is that the GitHub account and the Bitbucket account has different email addresses, so I'm trying to configure multiple ssh keys in order to keep committing, pushing and pulling changes from Github and Bitbucket respectively.
I've tried to generate two different ssh-keys by running:
ssh-keygen -t rsa -C "My.CorporateAddress#company.com"
Then, when asked to enter the file in which to save the key I add this:
Enter file in which to save the key (/Users/myUser/.ssh/id_rsa): /Users/myUser/.ssh/id_rsa_github
I do the same steps with the bitbucket one.
Then I generate a file named config and edit it by adding:
Host github
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_github
Host bitbucket
HostName corporate-address.com
User git
IdentityFile ~/.ssh/id_rsa_bitbucket
But when I run:
ssh -T git#bitbucket
Or:
ssh -T git#github
And try to make a pull request for any of those, I get the following error:
GITHUB ERROR:
git#github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
---------------------------------------------------
---------------------------------------------------
BITBUCKET ERROR:
git#bitbucket.corporate.companyName.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
For security reasons, I omitted the company name.
What I'm trying to achieve is the possibility to work with both, my work Bitbucket account and my Personal Github account which are configured with a different email address.
What am I doing wrong? Your feedback will be truly appreciated it!
To test your different key, you should type:
ssh -Tv github
ssh -Tv bitbucket
No need to add the user.
Try again, with the old PEM format
ssh-keygen -t rsa -C "xxx#yyyy.com" -m PEM -P "" -f ~/.ssh/id_rsa_github
ssh-keygen -t rsa -C "another#yyyy.com" -m PEM -P "" -f ~/.ssh/id_rsa_bitbucket
But make sure to add your public keys to your accounts.
Example for GitHub: "Adding a new SSH key to your GitHub account".
I was finally able to configure my two git accounts, they're now up and running.
I followed this tutorial I found and it worked like charm!
Configuring Multiple SSH Keys on Mack
I'm able to authenticate, generate, push etc just fine with my SSH keys and Moovweb credentials on my Mac and Linux machines.
However, on my Windows machine, using Git Bash, I get an SSH Permission denied (publickey) error. The error message is below:
$> moov generate 123dsfsdsf nytimes.com
Running environment checks.
Verifying that git is installed...OK
Checking that current 123dsfsdsf directory doesn't exist...OK
Registering project with MoovCloud.
Authenticating with MoovCloud.
Checking for git access...Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
FAILED
> Need to upload an ssh key in order to generate a project...
Found the following SSH public keys:
1 ) id_rsa.pub
2 ) new_rsa.pub
Which would you like to use with your Moovweb account? 2
Uploading public key...
Successfully uploaded public key new_rsa.pub as 'firstname.lastname#GGT.local'
You are now ready to push projects to MoovCloud!
Creating project in MoovCloud...OK
Generating files...OK
Cloning project locally.
Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
Cloning into '123dsfsdsf'...
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
ERROR: Error cloning git repo: exit status 128
Please try cloning the repository (git clone moov#git.moovweb.com:firstnameglastname/123dsfsdsf.git) again later.
Try 'moov help generate' to find out details.
Seems like a Windows-specific SSH error. Any workarounds?
So as mentioned in prior answers, the Permission denied error in Windows is because you are trying to use a key other than id_rsa.
Windows lacks the bells and whistles that Linux and Mac have to try out all your public keys when trying to connect to a server via SSH. If you're using the ssh command, you can tell it which key to use by passing the -i flag followed by the path to the key to use:
ssh -i ~/.ssh/moovweb_rsa moov#git.moovweb.com
The above command should work just fine if you've uploaded moovweb_rsa.pub to the console (either via the moov login command or the console UI). However, trying any git related commands should fail because Git doesn't give you the ability to chose which key to use when connecting to the git remote. Because of this, SSH is forced to use the default key, id_rsa, and if that key doesn't work (or doesn't exist), then the connection fails with a permission denied error.
One possible solution, as suggested in other answers, is to simply rename your key to id_rsa. For most people, this is a fine solution. However, if you already have an id_rsa key and you would prefer to use a different key with Moovweb, you can edit your ~/.ssh/config file by adding the following contents:
Host git.moovweb.com
IdentityFile ~/.ssh/moovweb_rsa
If you append the above lines to your ~/.ssh/config file (create it if it doesn't exist), you should be able to successfully get Git to communicate with the Moovweb remote git server. The config basically tells SSH that for the given host (git.moovweb.com), SSH should use the given key rather than the default.
It's worth nothing that this happens to all Git remotes; interactions with Github, Heroku, etc... also suffer through this problem in Windows. You could easily extend your ~/.ssh/config file to use separate SSH keys for each one of those services if you so desired:
Host git.moovweb.com
IdentityFile ~/.ssh/moovweb_rsa
Host github.com
IdentityFile ~/.ssh/github_rsa
Host heroku.com
IdentityFile ~/.ssh/heroku_rsa
Quick & dirty solution: use only the default id_rsa.pub key
Some notes:
make sure you enter the right passphrase to id_rsa.pub
do not use your other key, new_rsa.pub
It turns out that Windows Git Bash doesn't quite come with all the cool utilities Mac/Linux users are used to. Specifically, you don't have ssh-agent running to help handle multiple keys. Without ssh-agent, the git command only seems to use the default id_rsa.pub key.
You can verify this is an SSH/Windows issue following Github's awesome SSH troubleshooting guide. You'll get a Permission denied (publickey) no matter which SSH/Git server you try to connect to.
so I have a couple of ssh keys that are used for other accounts that I have. I now need to be able to clone a heroku repository on my computer. I created a new ssh key and used heroku keys:add to add it to my heroku account. However when I try and clone the repository I get this error:
Your key with fingerprint: .... is not authorized to access rural-visions. fatal: the remote end hung up unexpectedly
I've heard that I need to create a config file in the .ssh folder, but I don't know what to put into there.
Any help would be really appreciated!
I sometimes have to work with a bunch of heroku accounts, and have run into this. Here's what I usually do:
Clear identities
$ ssh-add -D
ssh-add the key that I need for the current account
$ ssh-add ~/.ssh/an_account_key
Now I can push to my heroku app
$ git push heroku-remote master
Of course, this assumes that the key has been added to the heroku account already. You can do that with:
$ heroku keys:add
The correct way to solve this is with an SSH configuration in ~/.ssh/config, but that's a bit much for me since I only switch accounts occasionally.
Googling about the SSH configuration file should turn up plenty of results, but here's some that might help:
SSH config - same host but different keys and usernames
Specify an SSH key for git push for a given domain
Simplify Your Life With an SSH Config File
I've created a new ssh key, added it to my ssh keys locally, then added it to heroku. When I try to push, I get a 'not authorized' error. I'm not sure what to do next...
~/app> heroku keys:add /home/user/.ssh/XXX-YYY-ZZZ.pub
Uploading SSH public key /home/user/.ssh/XXX-YYY-ZZZ.pub... done
~/app> heroku keys
=== mail+heroku#mydomain.com Keys
ssh-rsa xxxx zzz#ubuntu
ssh-rsa yyyy zzz#ubuntu
~/app> ssh-add /home/user/.ssh/XXX-YYY-ZZZ
\Enter passphrase for /home/user/.ssh/XXX-YYY-ZZZ:
Identity added: /home/user/.ssh/XXX-YYY-ZZZ (/home/user/.ssh/XXX-YYY-ZZZ)
~/app> git push heroku master
! Your key with fingerprint XXXXX is not authorized to access XXX-YYY-ZZZ.
fatal: The remote end hung up unexpectedly
Do I have to connect that key to my XXX-YYY-ZZZ app somehow? I don't see anything about that in the docs here https://devcenter.heroku.com/articles/keys.
May be related, I have two heroku accts that I'm deploying to, this one that's failing is the second one. I'd like to keep them separate. I suspect the issue is with my ssh_config but I'm not sure how to solve it yet.
Looks like there's a plugin for heroku that will deal with this:
https://github.com/ddollar/heroku-accounts