In my ternimal when I run
git clone -q git#codebasehq.com:zzzz/yyyy/plat.git
I am able to clone the project but if I run
sudo git clone -q git#codebasehq.com:zzzz/yyyy/plat.git
and give the correct password I get
Permission denied (publickey).
fatal: The remote end hung up unexpectedly
any idea why is this ?
Your root user just don't have the right public key in /root/.ssh.
Your user surely has one in ~/.ssh, but root does not.
codebasehq uses public/private key pair for authentication, so when you sudo you're trying to auth with root's key pair, which isn't the same as yours.
I think its really simple.
When you run the git clone with sudo you run it under the root user. And i think your root user has no valid public key to clone the repo.
There are some methods to enable only the key authentification.
Related
I have a repo at GitHub. When cloning it in Linux using ssh it works fine:
> git clone git#github.com:henrikppersson74/frokenjennnie.git
Cloning into 'frokenjennnie'...
Enter passphrase for key '/home/----/.ssh/id_rsa':
.
.
Reinitialized existing Git repository in /home/*
When doing the same thing in Windows PowerShell it doesn't work:
> git clone git#github.com:henrikppersson74/frokenjennnie.git
Cloning into 'frokenjennnie'...
git#github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I have copied my private and public SSH keys from Linux to my Windows machine and they are stored in my ~/.ssh/ as id_rsa and id_rsa.pub.
It seems to work when I try to access github.com with ssh from PowerShell:
> ssh git#github.com
Enter passphrase for key 'C:\Users\-----/\.ssh\id_rsa':
PTY allocation request failed on channel 0
Hi henrikppersson74! You've successfully authenticated, but GitHub does not provide shell access.
Connection to github.com closed.
This is the same answer I get when doing this in Linux. I guess this means the my SSH-key par is ok?
When working in Eclipse in Windows, using the "Git Repositories" view it works fine to clone the same repo.
Previously I created new SSH keys in the PowerShell and copied the public one to GitHub, but with the same result.
My ~/.ssh/config file lookes like this:
Host github.com
HostName github.com
IdentityFile ~\.ssh\id_rsa
User git
ForwardAgent yes
I am using Git version:
> git --version
git version 2.28.0.windows.1
Unfortunately I get no extra information from using the --verbose flag:
> git clone git#github.com:henrikppersson74/frokenjennnie.git --verbose
Cloning into 'frokenjennnie'...
git#github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
It doesn't help to add the key to the ssh-agent:
> ssh-add C:\Users\-----\.ssh\id_rsa
Enter passphrase for C:\Users\-----\.ssh\id_rsa:
Identity added: C:\Users\------\.ssh\id_rsa (C:\Users\-----\.ssh\id_rsa)
> git clone git#github.com:henrikppersson74/frokenjennnie.git --verbose
Cloning into 'frokenjennnie'...
git#github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Could my old keys be cashed somewhere?
Does anyone have any idea about why I am not able to clone my repo in Windows PowerShell? I would be so grateful for some help.
The problem was that my %HOME% environment variable was set to the wrong location. When I changed it back to C:\Users\<userid> it worked like charm. Apparently SSH first looks for a key in %HOME%\.ssh\, then for en entry in %HOME%\.ssh\config\ and last it uses the keys added to the ssh-agent.
I have done the following steps to setup ssh deployment keys with our git repo for it to be able to git pull without a username and password:
Note: I am on AWS EC2 / Ubuntu 14.04.3
Run ssh-keygen -t rsa -b 4096 -C "ownersEmail#gmail.com" these are then saved as id_rsa and id_rsa.pub in ~/.ssh/
The deployment public key (id_rsa.pub) is added on the GitHub online UI in the deployment keys section
The directory is already cloned in /var/www/ directory, this is working all good via HTTPS for pulling
Try sudo git pull git#github.com:ownersUsername/OurRepo.git and get the following error
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Another Note: This repository is private under another users account.
Also, when I try ssh git#github.com I get:
Hi userName/Repo! You've successfully authenticated, but GitHub does not provide shell access.
Connection to github.com closed.
And the deployment key comes up as being used. Have been on this issue for greater than 4 hours now and any would would be very much appreciated, thanks.
The problem is you're using sudo, which runs the command as root, and it will try to use the root's keys not your user's keys.
What you want to do is:
give your user/group write access to /var/www
run the pull/clone as the user, not the root user.
When you do a git pull you don't need the link.
git pull <remote> <branch>
You need the full url for the clone command
sudo git clone git#github.com:ownersUsername/OurRepo.git
To test if your ssh key is good use this:
git fetch --all --prune
I'm trying to clone a private git repo into an Amazon AWS EC2 instance (Bitnami MEAN stack running Linux)
I have created ssh keys for the user "bitnami" and added the public key to my Github account.
Problem is that the user "bitnami" does not have sufficient permissions:
bitnami#ip-xxx-xx-xx-xx:~/apps$ git clone git#github.com:MyGitUserName/MyRepoName.git
fatal: could not create work tree dir 'MyGitRepo'.: Permission denied
One solution would be to switch to root user:
$ sudo su
But to my surprise the ssh keys I generated for the "bitnami" user do not exist for root user. At least, the /.ssh directory is missing the ssh keys when I switch to root user and reappear when I change back to the "bitnami" user.
So, what the best approach here? I want the "bitnami" user to have read/write/executable rights to the ~/apps folder.
Looking at this answer:
Could not create work tree dir 'example.com'.: Permission denied
I tried:
sudo chown -R bitnami apps
But I get the same error
Okay, I know why it failed.
When going:
sudo chown -R bitnami apps
I needed to run that command as root and not as the user I'm granting the rights to.
I have git clone repo on my home/myuser directory. I want to give another user permission to be able to update it. That user does not have sudo rights.
git repo is in this directory: /home/myuser/gitrepo/
When another user goes to that directory and tries to update it with:
/home/myuser/gitrepo/ git remote update
It gets this error:
error: cannot open .git/FETCH_HEAD: Permission denied
How could I give that user access to only update that repo?
You could try and protect your repo with a group which has only two members: you and the other user.
See "How do I share a Git repository with multiple users on a machine?"
chgrp -R <whatever group> gitrepo
chmod -R g+swX gitrepo
umask 002
The other option is to make sure your system umask is repected, with
git init --shared=group
# Or, for an existing repo
git config core.sharedRepository true
The best practice remains to delegate the authorization to a third-party framework like gitolite, based on the authentication of a ssh daemon or an http server.
So I just setup an Amazon EC2 instance. And installed git..
sudo yum install git
I then set up my ssh key with github. Now when I try to clone my repo into /var/www/html folder i get this error..
fatal: could not create work tree dir 'example.com'.: Permission denied
and when I run as root...
Cloning into 'example.com'...
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
But I made sure that my github public key matches my ~/.ssh/id_rsa.pub key. Is there something that I'm missing here?
Your first error is because your user does not have access to write to /var/www/html . You could give your user permissions to do so.
Your second error when running as root, is likely that you have your ssh keys in your user home directory, not in /root/.ssh/ , or that your .ssh directory or the ~/.ssh/id_rsa.pub key file have improber permissions. ~/.ssh/ should have the permission bits 0700 , and should have ~/.ssh/id_rsa.pub e.g. 0600
Note: this fix works for Mac users
Incase of macOS 10.12.2 or later, you will need to modify your ~/.ssh/config file to automatically load keys into the ssh-agent and store passphrases in your keychain.
Host *
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/<your_id_rsa>
Add your SSH private key to the ssh-agent and store your passphrase in the keychain. If you created your key with a different name, or if you are adding an existing key that has a different name, replace id_rsa in the command with the name of your private key file.
ssh-add -K ~/.ssh/<your_id_rsa>
For more information please review
https://help.github.com/en/github/authenticating-to-github/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent
Have you tried this:
git: fatal: Could not read from remote repository
You can specify the username that SSH should send to the remote system as part of your remote's URL. Put the username, followed by an #, before the remote hostname.
git remote set-url website abc#***.com:path/to/repo
Is the id_rsa private key in ~/.ssh/id_rsa the pair to you public key (~/.ssh/id_rsa.pub) ?
If it's not (or you're not sure) I suggest you regenerate a new private/public key pair with ssh-keygen -t dsa.
My solution matches that of nos. Adding the public key of the root user fixes it. Another option would be changing the permission of the directory and executing the command as a regular user.