I'm kind of new to bash programming, but I decided to take an online class in which we create a t1 micro instance through AWS and ssh in and do all of our work there. I had been sshing through an alias I had made just fine for about a month, then I took a short hiatus for about two weeks. When I came back I got the permission denied(public access) message. I have looked at other threads and gone into my .ssh files and compared files and the like. It might have something to do with the fact that I generated new key pairs on the t1 micro instance, but I don't know how to fix it. When I debug with ssh -v key.pem I get:
OpenSSH_5.2p1, OpenSSL 0.9.8x 10 May 2012
debug1: Reading configuration data /Users/myName/.ssh/config
debug1: Reading configuration data /etc/ssh_config
ssh: Could not resolve hostname key.pem: nodename nor servname provided,
or not known
It's clearly an issue with one of the systems not recognizing the key pair, but I can't resolve it. Thanks everyone, all comments welcome.
the problem is your ssh command
what you want to run is
ssh -i key.pem [user]#[servername]
Related
Currently I am facing a problem with git clone a repo using SSH. I had set up my SSH Key and inserted it into GitLab. However still it does not work out.
Permission denied as like below:
And another problem is the fingerprint generated above is different from the one that is generated in Gitlab as shown below:
Hope if anyone could help. Had been troubleshooting this for a few days.
I tried to delete the .ssh folder and regenerate new key and did everything the same again but turn out to be the same, Permission denied and fingerprint is never matching.
I am using OpenSSH and OS: Windows 11 for this problem. I had also tried ssh -Tvvv <username#server> , ssh <username#server>, ssh -Tv <username#server> to verify whether if I am connected but the same permission denied.
As commented, the server fingerprint (for the ~/.ssh/known_hosts) differs from the public key fingerprint.
For the latter, test it with ssh -Tv git#gitlab.com, and check your private key is used.
If your private key does not have a default name (like id_rsa), you would need a ~/.ssh/config to reference your key.
Host gl
Hostname gitlab.com
User git
IdentityFile ~/.ssh/myKey
And ssh -Tv gl for testing.
Recently I had to get my hard drive replaced on my work machine and thus had to reconfigure everything. As a result I had to reinstall git bash. Before I was able to ssh fine into wpengine and now I cannot.
I am able to connect via the regular windows terminal fine but when I try with git bash I am getting the "Permission denied (publickey)." error for the same exact command.
I have tried all the suggested options from wpengine and in the different questions related to this on other SE questions and nothing is working.
I am using a Windows machine on windows 10.
Here are the following things I have tried:
Regenerating the key and adding it to my user public keys again and
then waiting 24 hours.
Adding the config details to the ssh_config file in C:\Program
Files\Git\etc\ssh
Adding a config file to my /User/username/.ssh/ folder.
I have tried using the following link and adding the wpengine rsa file: https://gist.github.com/jherax/979d052ad5759845028e6742d4e2343b as well.
Any and all help would be appreciated.
My guess is there is some kind of permissions issue going on the local machine?
Why would the request from git bash terminal to wpengine look different from windows command terminal?
I did solve my issue. If it helps you please use it!
When I used the command to the ssh host with : ssh -v user#environment.wpengine.ssh.net info
I got back this among the debug errors:
debug1: Offering public key: /c/Users/USERNAME/.ssh/KEY_FILENAME RSA XXXXXXXXXXXXXXXXXXXXX explicit
debug1: send_pubkey_test: no mutual signature algorithm
debug1: No more authentication methods to try.
user#environment.ssh.wpengine.net: Permission denied (publickey).
After finding this page:
https://transang.me/ssh-handshake-is-rejected-with-no-mutual-signature-algorithm-error/
I was able to solve the issue by adding the line:
PubkeyAcceptedAlgorithms +ssh-rsa to my ssh config file.
Honestly I am not even 10% certain on WHY this worked, however, it solved my problem.
How To Connect with SSH In WPEngine
If you are having trouble connecting to SSH in WPEngine Following are the commands which I used:
ssh-keygen -t rsa -b 4096 -f c:/users//.ssh/wpengine_rsa
Add Fingerprint in WPEngine My Profile – SSH
Add Config file
Host *.ssh.wpengine.net
IdentityFile ~/.ssh/wpengine_rsa
IdentitiesOnly yes
Connect with your wordpress website (windows command prompt)
ssh environment#environment.ssh.wpengine.net
I remember playing the Bandit War game in uni, so I felt like giving it another shot this weekend to refresh some knowledge.
Aaaand im Stuck on level0. But I am quite certain this is the correct command, so I am wondering if I am missing something or there can be some kind of configuration issue?
Level 0 gives you the address, the username, the port and the password. So you do an old-school login without any files etc.
This is what I went for:
ssh bandit0#bandit.labs.overthewire.org -p 2220
Also tried
ssh bandit.labs.overthewire.org -p 2220 -l bandit0
but that should be the same.
I would expect to be prompted for the password, but instead I get
This is a OverTheWire game server. More information on
http://www.overthewire.org/wargames
bandit0#bandit.labs.overthewire.org: Permission denied
(publickey,password).
Check your ssh-config in case you are stuck like me.
I had these lines among it
Host *
PreferredAuthentications publickey
this is why it did not work. Add the wargame server and switch to the preferred method of authentication for a given level.
Problem Statement
I am looking for a recommendation about the proper way to set up SSH keys for connecting to Git on our Jenkins master and slaves. There are other similar questions here about Git, Jenkins, and SSH (the closest being this), but none seems to answer this question with a specific recommendation about the right way to do this.
Background & Testing
I am working on a prototype implementation of Jenkins with on-premise GitLab. We have a few years of experience with Jenkins, but integrating it with Git is new for us. This is also the first time we've configured any slave nodes. At this point, we're just trying to get simple polling to work, no fancy push notifications.
The master Jenkins instance is running on Linux (Red Hat Linux 6). There are currently three slaves: one other Red Hat Linux server, and two servers running Windows Server 2012 R2. The Jenkins slave on the Windows servers runs as a Windows service. The master and all slaves are running up-to-date Git v2.10.0 (64-bit).
We're intending to use SSH to access GitLab. I created an SSH key with a passphrase and saved it on disk on the master. Then, I configured the public key as a deploy key for my test project in GitLab. Finally, I added a new credential in Jenkins.
In my first test project in Jenkins, I configured the GitLab repository URL and selected the Jenkins credentials created above. Then I built the project on the master. Jenkins made the SSH connection to GitLab with no problem and the build succeeded. Then I forced the build over to the Linux slave, with the same results.
Unfortunately, when forcing the build over to either of the Windows slaves, the build doesn't work like it does on Linux.
Errors on Windows
(Edited from my original question, based on further research.)
I initially got this error, which prevented any SSH connections from happening:
stderr: Unable to negotiate with xxxx port 22: no matching host key type found. Their offer: ssh-dss
This has to do with negotiation at the SSH level. The newer SSH client bundled with Git won't use ssh-dss by default, and that's all my relatively old SSH server is capable of offering.
To get past this, I added %HOME%/.ssh/config containing the following lines, as documented by OpenSSH under Legacy Options:
Host xxxx
HostKeyAlgorithms +ssh-dss
This forces the Git SSH client to accept ssh-dss connections.
Around the same time, I was struggling with how to get verbose SSH output out of the Windows SSH client bundled with Git, because the usual suggestion to set GIT_SSH='ssh -vvv' doesn't work on Windows. Based on an Ask Ubuntu question and a similar Stack Overflow question, I ultimately ended up with this in %HOME%/.ssh/config:
Host xxxx
HostKeyAlgorithms +ssh-dss
LogLevel DEBUG3
Having the debug output available gave me a better clue about what is going on. In the end, I can make a build succeed on Windows, but only if the SSH key that I use does not have a passphrase. The hint is here in the debug output:
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,hostbased
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password,hostbased
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: C:\\Users\\JENKIN~1.TMS\\AppData\\Local\\Temp\\ssh2489775972592020656key
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug2: no passphrase given, try next key
debug2: we did not send a packet, disable method
For some reason, Jenkins is failing to set up the SSH key with the proper passphrase on Windows, where it works just fine on Linux. Unfortunately, Jenkins doesn't dump the debug output from SSH except when the command fails, so I can't see exactly what the Linux build is doing differently.
Questions
The (possibly-naive) way I am trying to do this clearly works on Linux, but not on Windows. Is it supposed to work on Windows?
Is this the correct way to manage SSH keys for my situation, or is there some better way to do it? I was hoping to avoid having to manage key files on disk for every slave as this infrastructure grows.
Assuming this is the correct mechanism to use, can someone point me at instructions or an answer that definitively explains how to get this working? I feel like I must be missing something obvious...?
I have trouble getting the official Windows ADT 21.1.0 distribution to connect to a git repository. No matter what I tried(details below) it complains about host key not present in the registry and shows me no option to accept the host key. The remote server is running Gitlab and is under my control. There's no problem with connectivity or firewalls.
What I tried so far:
connecting without giving a password, with user git
connecting while giving a password, with another user
adding manually the host key in the known_hosts file that is found in the ssh home directory(Preferences->General->Network Connections->SSH2->SSH2 home).
The message is always:
The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
The server's rsa2 key fingerprint is:
ssh-rsa 2048 xx:xx:xx...
Connection abandoned.
RSE works without any problems, only egit gives me problems.
You could workaround the problem by not using the ssh protocol with the git server, but instead the git or http protocol.
One reason for the above message can be using a folder called "ssh" instead of ".ssh" (note the dot). Some colleague of mine experienced that, and this can easily happen when using Windows explorer, as it will silently remove the dot, when creating a folder called ".ssh". You have to use the command line instead.