I have configured Jenkins on a Linux machine and my git repo is on an another Linux server. But when I try to give the URL of the repo to Jenkins I get the following error.
Failed to connect to repository : Command "git -c core.askpass=true ls-remote -h ssh://user#ip/~/export1 HEAD" returned status code 128:
stdout:
stderr: Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
What could be the cause for this?
I have seen that both the systems' rsa key is present in each other's .ssh/known_hosts folder.
I am able to pull or clone code from the repo to a folder in Jenkins system as well. So why is Jenkins not able to take it?
I have also tried the URL user#ip:/fullpath/to/repo
You need to make sure Jenkins is running as the right user (the one who has the keys in ~/.ssh/id_rsa(.pub)
That user might not be the same as the one used in the ssh url: user#ip means you are connecting to ip using an account which has your public key in ~user/.ssh/authorized_key.
So the Jenkins process must be run by an account which has the private and public key, whose public key is in ~user/.ssh/authorized_key on the git server side.
And that account should have done (only once) an ssh-keyscan -H ip >> ~account/.ssh/known_hosts before any ssh attempt, in order to record the git server ip as a known host.
Does it being a bare repo make any difference or change in the URL?
No. The .git at the end of the bare repo folder is optional when used as an url.
Further to #VonC's reply, you can also use the Credentials plugin to define a set of credentials on your Jenkins master that your Jenkins job uses to access your Git repo. This allows you to run Jenkins itself as a different user from there one that has access to the Git repo.
The main problem was the security of the systems. I hadnt checked the authentication mechanisms on my server. The password authentication to the git server was causing the problem because the jenkins machine tries to directly fire a ls-remote to the path. When you do the same thing on the terminal you will be prompted for a password and then itl accept. When I set the password authentication and UsePAM to no and enabled the RSA authentication, pubkey authentication and authorised key setting to yes in the sshd_config file, and restarted, it was able to access the repo and I dint get this error.
Related
I have installed git in the Linux server(Server1) and created a remote git repository in that server1 Now I need to clone the git repository to server2 through Jenkins so I installed Jenkins in the server2, Now Jenkins was hosted in server2.
In Jenkins I have created a freestyle project, In the Repository URL section, I entered the URL of git repo like: git#<server1_ip>:/opt/dev/repo/pals/ui.git
For authentication, I have tried each credential one by one given below:
git repo username and password
git repo username and SSH Private key
Jenkins username and password
Jenkins username and SSH Private key
But I am facing the below error:
Repository URL
git#<server1_ip>:/opt/dev/repo/pals/ui.git
Failed to connect to repository : Command "git ls-remote -h -- git#<server1_ip>:/opt/dev/repo/pals/ui.git HEAD" returned status code 128: stdout: stderr: Permission denied, please try again. Permission denied, please try again. git#<server1_ip>: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
git#<server1_ip>:/opt/dev/repo/pals/ui.git
That is an SSH URL, which means you need to:
register the private key in Jenkins server2 using the Jenkins SSH Credential plugin (try a passphrase-less key, to avoid any issue with SSH agent, for testing)
make sure server1:~git/.ssh/authorized_key has the public key in it.
On server2, you can at least test ssh -i /path/to/private/key git#server1 to make sure that works first. Then test from Jenkins.
I have one project on Gitlab and I worked with it for the last few days!
But after a few days it all went off! I added my home PC ssh key in Gitlab project setting, but now I want use git pull for receive new changes in my home PC show me this error:
10:47 AM Update failed
Permission denied (publickey).
Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
10:47 AM Update canceled
Gitlab ssh key image:
How can I fix it?
GitHub isn't able to authenticate you. So, either you aren't setup with an SSH key, because you haven't set one up on your machine, or your key isn't associated with your GitHub account.
You can also use the HTTPS URL instead of the SSH/git URL to avoid having to deal with SSH keys. This is GitHub's recommended method.
Further, GitHub has a help page specifically for that error message, and explains in more detail everything you could check.
I know this problem. After add ssh key, add you ssh key to ssh agent too (from official docs https://help.github.com/articles/generating-ssh-keys/)
ssh-agent -s
ssh-add ~/.ssh/id_rsa
After it, all work fine, git can view proper key, before couldn't.
I have created a new user on github under our organization which will be used for auto deployment. I followed the article on https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/#platform-linux.
Somehow, when I tried to clone the repository to the server, it worked once. The code was running properly, and I exit the server. Today, we released an update to the code, and I wanted to deploy the code manually to the server, so I ssh'd into the server and tried to pull the repository with git pull. It gave me Permission denied error. After some debugging I realized that the ssh-agent wasn't running. So I executed the following commands:
eval "$(ssh-agent -s)"
ssh-add .ssh/id_rsa_staging
Now, when I try ssh -T git#github.com, I see the welcome message which is:
Hi *****! You've successfully authenticated, but GitHub does not provide shell access.
But when I try to pull from the repository, I am continuously getting this error message:
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I checked the repository and the user has read access to it. I double checked if the keys match on github and server, yes they do. I tried generating new keys. I tried using ssh/config file. Nothing helped...
I appreciate any help & suggestions!
Update:
So I figured out that git clone command is working properly, but even when I try git pull right after git clone, it is giving the error.
If you are using sudo to git pull/push to the remote you need to ensure you used sudo to generate your SSH keys. Otherwise you will not be using the same keys that you originally generated.
github doc for reference
I had the exact same issue.
For me what worked was
Go to repo on github which you have cloned and wanna pull with
Under the code-download option copy SSH link
Enter following command in your terminal -->
git remote set-url origin paste_SSH_link
I have done the following steps to setup ssh deployment keys with our git repo for it to be able to git pull without a username and password:
Note: I am on AWS EC2 / Ubuntu 14.04.3
Run ssh-keygen -t rsa -b 4096 -C "ownersEmail#gmail.com" these are then saved as id_rsa and id_rsa.pub in ~/.ssh/
The deployment public key (id_rsa.pub) is added on the GitHub online UI in the deployment keys section
The directory is already cloned in /var/www/ directory, this is working all good via HTTPS for pulling
Try sudo git pull git#github.com:ownersUsername/OurRepo.git and get the following error
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Another Note: This repository is private under another users account.
Also, when I try ssh git#github.com I get:
Hi userName/Repo! You've successfully authenticated, but GitHub does not provide shell access.
Connection to github.com closed.
And the deployment key comes up as being used. Have been on this issue for greater than 4 hours now and any would would be very much appreciated, thanks.
The problem is you're using sudo, which runs the command as root, and it will try to use the root's keys not your user's keys.
What you want to do is:
give your user/group write access to /var/www
run the pull/clone as the user, not the root user.
When you do a git pull you don't need the link.
git pull <remote> <branch>
You need the full url for the clone command
sudo git clone git#github.com:ownersUsername/OurRepo.git
To test if your ssh key is good use this:
git fetch --all --prune
I have two CentOS servers that are set up the same. I created a git repo on server A and pushed it to github. I then cloned the repo on server B. At first, all seemed to be in order. I could commit on either server, push to the remote, and the pull on to the other server.
The problem is that my co-workers now cannot push or pull on server B (they can run git status or commit). Strangely, this applies to ALL repos on server B, not just the one I cloned. Here is the error they see:
ERROR: Repository not found.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I checked that they are in the collaborators lists (both as owners and on the team assigned to the repo).
I also tried changing to the root user and cloning the repo again--as root I received the same error as above. The global .gitconfig does not reference my user or key, and the local .git/config files are set to use SSH (git#github.com).
What would cause this error to happen all users but one? Where else should I be looking?
Add '-v' to your git command as you run it to get more verbose output, that should tell you what's wrong.
I did resolve this issue. I found the problem by running ssh -T -vvv git#github.com which showed different keys being used for my user vs. the other users on the server. The key being used generally was not tied to a user in our github account. The fix:
Generated a new SSH key
Added key to shared user on github account
Updated .ssh/config to use the new key when accessing github.com
I am not certain how the SSH key got messed up, because it worked before. But this fixed it.