git pull: Permission denied (publickey)
Solution 1
You do git pull
under sudo
, which is the problem. Doing only
git pull
will work for you. Also doing
sudo ssh [email protected]
will fail for you. The problem is that sudo
changes user and it does no longer see your identity file /home/ec2-user/.ssh/id_rsa
(it searches in /root/.ssh/id_rsa
). Do the pull
with your normal user or copy/move your key to appropriate location for the target user (root
).
Solution 2
Your ssh key is not unvalidate.
ssh-keygen -t rsa -C "[email protected]"
will generate ssh key for the current user. Eg:
$ whoami
nodejh
# It will generate the ssh key for user: nodejh
$ ssh-keygen -t rsa -C "[email protected]
# Check that you are connecting to the correct server
$ ssh -T [email protected]
Hi username! You've successfully authenticated...
sudo ssh-keygen -t rsa -C "[email protected]
will generate ssh key for root
. So that ssh -T [email protected]
will return Permission Denied (publickey)
, but sudo ssh -T [email protected]
works fine.
If you want to generate ssh key for the user: admin
, you can change current user to admin
then generate ssh key.
# change the current user to admin
$ su admin
# generate ssh key for `admin`
$ ssh-keygen -t rsa -C "[email protected]`
Related videos on Youtube
Admin
Updated on September 18, 2022Comments
-
Admin almost 2 years
So I am trying to get git to work with my repo server (1.2.3.4) (debian) on my new server on AWS (4.5.6.7 / 10.0.0.111).
My repo's .git/config
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [branch "master"] remote = origin merge = refs/heads/master [remote "origin"] url = [email protected]:/opt/git/repo.git fetch = +refs/heads/*:refs/remotes/origin/*
I'm getting this error:
[ec2-user@ip-10-0-0-111 html]$ sudo git pull Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
My public key is present in /home/git/.ssh/authorized_keys
I previously I was prompted for the password for the user git on my repo server (not my key file passphrase). I then disabled password auth for the git user, and received the permission denied instead. During this time and now with the error above I was able to successfully login via ssh:
ssh [email protected]
With no password prompt or such:
debug1: Offering RSA public key: /home/ec2-user/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 279 debug1: Authentication succeeded (publickey).
A successful ssh login on the repo server (1.2.3.4) looks like this in the /var/log/auth.log:
Feb 22 15:45:44 hostname sshd[20142]: Connection from 4.5.6.7 port 50409 Feb 22 15:45:44 hostname sshd[20142]: Found matching RSA key: <fingerprint> Feb 22 15:45:44 hostname sshd[20142]: Accepted publickey for git from 4.5.6.7 port 50409 ssh2 Feb 22 15:45:44 hostname sshd[20142]: pam_unix(sshd:session): session opened for user git by (uid=0)
When I try git pull this is what auth.log looks like:
Feb 22 15:46:41 hostname sshd[20177]: Connection from 4.5.6.7 port 50410
Then nothing more.
How can I debug the git ssh authentication failure for git when the normal ssh command works perfectly?