ssh-add ~/.ssh/<your private key>
You basically let the ssh-agent
take care of it.
Additionally, you can add it permanently.
–
There is a very simple solution to this:
instead of working with ssh - move to https.
to do this:
in your project folder you have a .git folder
in there - you have a config file - open it in a text editor
and change the line
url =git@gitlab.com:yourname/yourproject.git
url = https://gitlab.com/yourname/yourproject.git
–
–
In my case it did not work in the WSL (Windows Subsystem for Linux).
When I start the WSL, I must
start ssh-agent_ eval $(ssh-agent -s)
add the key to the ssh-agent: ssh-add ~/.ssh/id_rsa
if prompted, enter the password
Now the connection works.
We can test this with ssh -T git@github.com
notes:
weasel-pageant allows us to reuse the ssh keys that are loaded in PuTTY pageant inside the WSL
detailed explanation: Git via SSH from Windows returns Permission Denied
it must return your identity, so after retry to clone, it's must work
NB: don't forget to add your ssh key in your profile gitlab
thanks
–
I know, I'm answering this very late and even StackOverflow confirmed if I really want to answer. I'm answering because no one actually described the actual problem so wanted to share the same.
The Basics
First, understand that what is the remote here. Remote is GitLab and your system is the local so when we talk about the remote origin
, whatever URL is set in your git remote -v
output is your remote URL.
The Protocols
Basically, Git clone/push/pull works on two different protocols majorly (there are others as well)-
HTTP protocol
SSH protocol
When you clone a repo (or change the remote URL) and use the HTTPs URL like https://gitlab.com/wizpanda/backend-app.git then it uses the first protocol i.e. HTTP protocol.
While if you clone the repo (or change the remote URL) and uses the URL like git@gitlab.com:wizpanda/backend-app.git
then it uses the SSH protocol.
HTTP Protocol
In this protocol, every remote operation i.e. clone, push & pull uses the simple authentication i.e. username & password of your remote (GitLab in this case) that means for every operation, you have to type-in your username & password which might be cumbersome.
So when you push/pull/clone, GitLab/GitHub authenticate you with your username & password and it allows you to do the operation.
If you want to try this, you can switch to HTTP URL by running the command git remote set-url origin <http-git-url>
.
To avoid that case, you can use the SSH protocol.
SSH Protocol
A simple SSH connection works on public-private key pairs. So in your case, GitLab can't authenticate you because you are using SSH URL to communicate. Now, GitLab must know you in some way. For that, you have to create a public-private key-pair and give the public key to GitLab.
Now when you push/pull/clone with GitLab, GIT (SSH internally) will by default offer your private key to GitLab and confirms your identity and then GitLab will allow you to perform the operation.
So I won't repeat the steps which are already given by Muhammad, I'll repeat them theoretically.
Generate a key pair `ssh-keygen -t rsa -b 2048 -C "My Common SSH Key"
The generated key pair will be by default in ~/.ssh
named id_rsa.pub
(public key) & id_rsa
(private key).
You will store the public key to your GitLab account (the same key can be used in multiple or any server/accounts).
When you clone/push/pull, GIT offers your private key.
GitLab matches the private key with your public key and allows you to perform.
You should always create a strong rsa key with at least 2048 bytes. So the command can be ssh-keygen -t rsa -b 2048
.
https://gitlab.com/help/ssh/README#generating-a-new-ssh-key-pair
General thought
Both the approach have their pros & cons. After I typed the above text, I went to search more about this because I never read something about this.
I found this official doc https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols which tells more about this. My point here is that, by reading the error and giving a thought on the error, you can make your own theory or understanding and then can match with some Google results to fix the issue :)
In my case, it wasn't a gitlab problem, but a sshd configuration one. The ssh server didn't allow connection except for a list of users. The user git, the one connecting remotely to gitlab, wasn't in that list. So, check this before anything else.
You can check your ssh server configuration in /etc/ssh/sshd_config
. If you have a line with the option AllowUsers
, add git to it:
AllowUsers user1 user2 user3 git
Steps to be done, got same error but i fixed it.
Gitlab wants ssh-rsa so below is the code to run ssh for rsa
ssh-keygen -o -t rsa -b 4096 -C "name@gmail.com"
name@gmail.com is your gitlab account email
It will prompt you to enter so just hit Enter after the below code is prompt,
Enter file in which to save the key (/home/yourDesktopName/.ssh/id_rsa):
It will prompt again you to enter so just hit Enter after the below code is prompt,
Enter passphrase (empty for no passphrase):
It will prompt again for the last you to enter so just hit Enter after the below code is prompt,
Enter same passphrase again:
You will show your ssh-rsa generate.
Login to your Gitlab account and Go to the right navbar you will get setting and in the left sidebar you will get ssh key. Enter in it.
Look above the prompt asking you to enter, you will get the path of ssh-rsa.
Go to your SSH folder and get the id_rsa.pub
Open it and get the key and Copy Paste to the Gitlab and you are nearly to done.
Check by: ssh -T git@gitlab.com
You will get: Welcome to GitLab, @joy4!
Done.
I have gitlab running with docker, this is what I did to fix my problem.
Found that inside docker /var/log/gitlab/sshd/current there were multiple occurences of a message:
Authentication refused: bad ownership or modes for file /var/opt/gitlab/.ssh/authorized_keys
After which I changed ownership of that file from 99:users to git:users with:
chown git:users authorized_keys
–
–
When you have multiple git account and you want different ssh key
You have to follow same step for generating the ssh key, but be sure
ssh-keygen -t ed25519 -C "your-email-id@gmail.com"
Enter the path you want to save(Ex: my-pc/Desktop/.ssh/ed25519)
Add the public key to your gitlab (How to adding ssh key to gitlab)
You have to new ssh identity using the below comand
ssh-add ~/my-pc/Desktop/.ssh/ed25519
To create a new SSH key pair:
1. Open a terminal on Linux or macOS, or Git Bash / WSL on Windows.
2. Generate a new ED25519 SSH key pair: ssh-keygen -t ed25519 -C "email@example.com"
2.1 Or, if you want to use RSA: ssh-keygen -o -t rsa -b 4096 -C "email@example.com"
3. Next, you will be prompted to input a file path to save your SSH key pair to... use the suggested path by pressing Enter
4. Once the path is decided, you will be prompted to input a password to secure your new SSH key pair. It's a best practice to use a password, but it's not required and you can skip creating it by pressing Enter twice.
5. Copy your public SSH key to the clipboard by using one of the commands below depending on your Operating System:
macOS: pbcopy < ~/.ssh/id_ed25519.pub
WSL / GNU/Linux (requires the xclip package): xclip -sel clip < ~/.ssh/id_ed25519.pub
Git Bash on Windows: cat ~/.ssh/id_ed25519.pub | clip
6. Navigating to SSH Keys and pasting your public key in the Key field
7. Click the Add key button
I hope it can help some of you!
Earlier it was very difficult for me but when I tried it became so easy to add ssh key in Mac and Linux. There are a few steps and command to do this as follows:
Open a terminal of your system and move inside your project directory by the command:
cd 'project directory name'
Run command ssh-keygen
in that terminal and enter it until the key's randomart image appears there.
Then enter one more command in that terminal:
cat ~/.ssh/id_rsa.pub
It will generate your ssh key. Key will start with ssh-rsa
and end with .local
.
Copy the key and go to your Gitlab profile section then ssh key
section and paste it there. Click on the Add
button this will work.
Go to project directory in terminal using cd path/to/project
Run ssh-keygen
Press enter for passphrase
Run cat ~/.ssh/id_rsa.pub
in terminal
Copy the key that you get at the terminal
Go to Gitlab/Settings/SSH-KEYS
Paste the key and press Add Key button
This worked for me like a charm!
For anyone using Windows 10 and nothing else working for him/her:
In my case, I had to clone the repo with https instead of ssh and a window popped-up asking for my credentials.
After that everything works fine.
ssh-keygen -t ed25519 -C "email@example.com"
Copy your public SSH key to the clipboard (xclip -sel clip < ~/.ssh/id_ed25519.pub
in my case on Linux )
On gitlab, go to settings=>ssh
keys and past the new key
You must have id_rsa.pub and id_rsa (private) keys in your .ssh folder ( which should be in your home folder.Create it if it isn't there put your keys ). It wouldn't work If you have named your key files differently
Change the permission of the id_rsa as chmod 400 ~/.ssh/id_rsa
Another issue that can cause this behaviour is when you have a setup with 2 possible %HOME%-locations.
I'm using a PC where some of my documents are stored locally, and some of them are stored on a network drive. Some applications think C:\Users\<MyUserName>\
is my %home%
, others think that U:\
is the home.
Turns out ssh-keygen
put my private key under C:\users\<MyUserName>\
, and that ssh -T
and ssh -v
also look there.
So everything seems to work fine, except that git clone
, git push
and others look for a key in U:\
.
Which fails, so I get the aforementioned error.
It took me an hour to find out, but in the end the solution was simple: I copied everything from C:\Users\<MyUserName>\.ssh
to U:\.ssh
I spent many hours to fix this. Below solution worked for me.
Follow these commands on your terminal.
ssh-keygen -t rsa -C "<your email address>" -b 4096 -t ed25519
Rename generated keys as this: id_rsa and id_rsa.pub the Add generated public key to your gitlab server.
Then add ssh key to ssh agent as below.
Initiate ssh-agent
eval "$(ssh-agent -s)"
If your key is generated with a different name, replace id_rsa in the command below
ssh-add ~/.ssh/id_rsa
To test the connection use this command.
ssh -T git@<git lab server url>
To troubleshoot use below commands.
ssh -Tv git@<git lab server url>
ssh -vvv git@<git lab server url>
Now you can clone your project to your local environment.
Generated a key for Windows using this command:
ssh-keygen -t rsa -C "your.email@example.com" -b 4096
but the problem was that after running this command, it popped a line:
"Enter file in which to save the key (/c/Users/xxx/.ssh/id_rsa): "
Here, I was giving only file name because of which my key was getting saved in my pwd and not in the given location. When I did "git clone ", it was assuming the key to be at "/c/Users/xxx/.ssh/id_rsa" location but it was not found, hence it was throwing error.
At the time of key generation 2 files were generated say "file1" & "file1.pub". I renamed both these files as
file1 -> id_rsa
file1.pub -> id_rsa.pub
and placed both in the location "/c/Users/xxx/.ssh/"
Go to the terminal and regenerate the ssh key again. Type ssh-keygen
. It will ask you where you want to save it, type the path.
Then copy the public key to gitlabs platform. It usually starts with ssh-rsa.
Open terminal in your project directory.
Type ‘ssh-keygen -o -t rsa -b 4096 -C "your gitlab email" ’ and hit enter
Type ‘vim /home/mnbtech/.ssh/id_rsa.pub’ and hit enter
(or manually open your 'id_rsa.pub'from where you saved it)
SSH key will appear. Copy those and
Go to your gitlab account.
Click profile image And click setting
In left side select SSH-Keys
Then paste those key
Click add key
SSH-Key will be added!
(N.B if you have Generate Previews SSH Key and Getting permission denied (public key). You Delete Your Previews ssh key and Generate new one and add git user.name and email on your terminal )
There seem to be differences between the two ways to access a git repository i.e. using either SSH or HTTPS. For me, I encountered the error because I was trying to push my local repository using SSH.
The problem can simply be solved by clicking the clone button on the landing page of your project and the copying the HTTPS link and replacing it to the SSH link appearing with the format "git@gitlab...".
I had the same problems,
It has been fixed after I re-generate the ssh key inside .ssh folder without naming it (keep it as id_rsa.pub).
Then add it again to gitlab ssh key.
Everything working fine now.
I solved git@gitlab.com: Permission denied (publickey)
issue using following instructions
RUN cat ~/.ssh/id_rsa.pub
Copy id_rsa.pub
(public key) to your getlab `Setting -> SSH Keys
RUN cat ~/.ssh/id_rsa
Copy id_rsa
(private key) to `Code_repo->git_auth->id_rsa
NOTE: Take care of the machine user if you are using root
user in your DockerFile or anywhere else then use sudo su
before running the above commands to get root user public and private keys.
Nothing worked for me on Windows 10 using Pageant as SSH agent, except adding a enviroment variable to windows (translated from german Windows 10, so the naming may differ):
Search for "variables"
Open System Enviroment Variables
Click Enviroment Variables button at the bottom
Add a new key named "GIT_SSH" and the value "C:\Program Files\PuTTY\plink.exe", to the top section "User Variables xxx"
And you're done.
All thanks go to Benjamin Bortels, source: https://bortels.io/blog/git-in-vs-code-unter-windows-richtig-einstellen
In our case, it wasn't a problem on the user/client side, but on the Gitlab server side.
We are running a local Gitlab CE 12.9 instance on CentOS 7.1.
We found out that on the server, the .ssh/authorized_keys file was not updating properly. Users create their SSH keys (following the Gitlab guide) and add it to the Gitlab server, but the server does not update the authorized_keys, so it will always result to permission denied errors.
A workaround was to rebuild the authorized_keys file by running:
$ sudo gitlab-rake gitlab:shell:setup
That would work for anyone who added their keys before running the rake task. For the next users who would add their keys, someone has to manually run the rake tasks again.
A more permanent solution was to not use the authorized_keys file and use instead an indexed lookup on the Gitlab database:
GitLab Shell provides a way to authorize SSH users via a fast, indexed
lookup to the GitLab database. GitLab Shell uses the fingerprint of
the SSH key to check whether the user is authorized to access GitLab.
Add the following to your sshd_config
file. This is usually located at
/etc/ssh/sshd_config
, but it will be /assets/sshd_config
if you're
using Omnibus Docker:
Match User git # Apply the AuthorizedKeysCommands to the git user only
AuthorizedKeysCommand /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-authorized-keys-check git %u %k
AuthorizedKeysCommandUser git
Match all # End match, settings apply to all users again
Reload OpenSSH:
# Debian or Ubuntu installations
sudo service ssh reload
# CentOS installations
sudo service sshd reload
Confirm that SSH is working by removing your user's SSH key in the UI, adding a new one, and attempting to pull a repo.
By default (well the default on our installation), the Write to authorized_keys file was checked in the Admin Area > Performance Optimization settings. So we unchecked that and used the Gitlab database instead.
After setting up indexed lookup and unchecking the Write to authorized_keys file, SSH access became OK.
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.