My problem is that I can't push or fetch from GitLab. However, I can clone (via HTTP or via SSH). I get this error when I try to push :
Permission denied (publickey) fatal : Could not read from remote repository
From all the threads I've looked, here is what I have done :
- Set up an SSH key on my computer and added the public key to GitLab
- Done the config --global for username and email
- Cloned via SSH and via HTTP to check if it would resolve the issue
- Done the ssh -T [email protected] command
If you have any insight about how to resolve my issue, it would be greatly appreciated.
The answer is
Steps to be done, got same error but i fixed it. Gitlab wants ssh-rsa so below is the code to run ssh for rsa
ssh-keygen -o -t rsa -b 4096 -C "[email protected]"
[email protected] is your gitlab account email
It will prompt you to enter so just hit Enter after the below code is prompt,
Enter file in which to save the key (/home/yourDesktopName/.ssh/id_rsa):
It will prompt again you to enter so just hit Enter after the below code is prompt,
Enter passphrase (empty for no passphrase):
It will prompt again for the last you to enter so just hit Enter after the below code is prompt,
Enter same passphrase again:
You will show your ssh-rsa generate.
Login to your Gitlab account and Go to the right navbar you will get setting and in the left sidebar you will get ssh key. Enter in it.
Look above the prompt asking you to enter, you will get the path of ssh-rsa.
Go to your SSH folder and get the id_rsa.pub
Open it and get the key and Copy Paste to the Gitlab and you are nearly to done.
Check by:
ssh -T [email protected]You will get:
Welcome to GitLab, @joy4!Done.
- Go to project directory in terminal using
cd path/to/project - Run
ssh-keygen - Press enter for passphrase
- Run
cat ~/.ssh/id_rsa.pubin terminal - Copy the key that you get at the terminal
- Go to
Gitlab/Settings/SSH-KEYS - Paste the key and press Add Key button
This worked for me like a charm!
I had the same problems, It has been fixed after I re-generate the ssh key inside .ssh folder without naming it (keep it as id_rsa.pub). Then add it again to gitlab ssh key. Everything working fine now.
I found the solution in gitlab help.
To create a new SSH key pair:
1. Open a terminal on Linux or macOS, or Git Bash / WSL on Windows.
2. Generate a new ED25519 SSH key pair: ssh-keygen -t ed25519 -C "[email protected]"
2.1 Or, if you want to use RSA: ssh-keygen -o -t rsa -b 4096 -C "[email protected]"
3. Next, you will be prompted to input a file path to save your SSH key pair to... use the suggested path by pressing Enter
4. Once the path is decided, you will be prompted to input a password to secure your new SSH key pair. It's a best practice to use a password, but it's not required and you can skip creating it by pressing Enter twice.
5. Copy your public SSH key to the clipboard by using one of the commands below depending on your Operating System:
macOS: pbcopy < ~/.ssh/id_ed25519.pub
WSL / GNU/Linux (requires the xclip package): xclip -sel clip < ~/.ssh/id_ed25519.pub
Git Bash on Windows: cat ~/.ssh/id_ed25519.pub | clip
6. Navigating to SSH Keys and pasting your public key in the Key field
7. Click the Add key button
I hope it can help some of you!
How to add SSH key to gitlab account in ubuntu?
- Open terminal in your project directory.
- Type ‘ssh-keygen -o -t rsa -b 4096 -C "your gitlab email" ’ and hit enter
- Type ‘vim /home/mnbtech/.ssh/id_rsa.pub’ and hit enter (or manually open your 'id_rsa.pub'from where you saved it)
SSH key will appear. Copy those and
Go to your gitlab account.
- Click profile image And click setting
- In left side select SSH-Keys
- Then paste those key Click add key
SSH-Key will be added!
(N.B if you have Generate Previews SSH Key and Getting permission denied (public key). You Delete Your Previews ssh key and Generate new one and add git user.name and email on your terminal )
In our case, it wasn't a problem on the user/client side, but on the Gitlab server side.
We are running a local Gitlab CE 12.9 instance on CentOS 7.1.
We found out that on the server, the .ssh/authorized_keys file was not updating properly. Users create their SSH keys (following the Gitlab guide) and add it to the Gitlab server, but the server does not update the authorized_keys, so it will always result to permission denied errors.
A workaround was to rebuild the authorized_keys file by running:
$ sudo gitlab-rake gitlab:shell:setup
That would work for anyone who added their keys before running the rake task. For the next users who would add their keys, someone has to manually run the rake tasks again.
A more permanent solution was to not use the authorized_keys file and use instead an indexed lookup on the Gitlab database:
GitLab Shell provides a way to authorize SSH users via a fast, indexed lookup to the GitLab database. GitLab Shell uses the fingerprint of the SSH key to check whether the user is authorized to access GitLab.
Add the following to your
sshd_configfile. This is usually located at/etc/ssh/sshd_config, but it will be/assets/sshd_configif you're using Omnibus Docker:Match User git # Apply the AuthorizedKeysCommands to the git user only AuthorizedKeysCommand /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-authorized-keys-check git %u %k AuthorizedKeysCommandUser git Match all # End match, settings apply to all users againReload OpenSSH:
# Debian or Ubuntu installations sudo service ssh reload # CentOS installations sudo service sshd reloadConfirm that SSH is working by removing your user's SSH key in the UI, adding a new one, and attempting to pull a repo.
By default (well the default on our installation), the Write to authorized_keys file was checked in the Admin Area > Performance Optimization settings. So we unchecked that and used the Gitlab database instead.
After setting up indexed lookup and unchecking the Write to authorized_keys file, SSH access became OK.
Well I had this same problem and after trying the answer @Khan proposed. However, I was only able to make it work by just changing the origin url in the .git/config file to the https address : https://gitlab.com/mygitlabusername/mygitproject.git
Since access via ssh is denied, I figured out using https shouldn't be a problem. It will however ask for your username and password for each push to the at repository
Step 1:
Added a config file in ~/.ssh/config file which looks like
User git
Hostname gitlab.com
IdentityFile ~/.ssh/id_rsa_gitlab
TCPKeepAlive yes
IdentitiesOnly yes
Step 2: Just clone the git repo WITHOUT sudo.
Documentation: https://gitlab.com/help/ssh/README#working-with-non-default-ssh-key-pair-paths
I think the simple solution is to add private key to authentication agent (if your key is not ~/.ssh/id_rsa),
ssh-add ~/.ssh/<your private key>
You basically let the ssh-agent take care of it.
Additionally, you can add it permanently.
When you have multiple git account and you want different ssh key
You have to follow same step for generating the ssh key, but be sure you
ssh-keygen -t ed25519 -C "[email protected]"
Enter the path you want to save(Ex: my-pc/Desktop/.ssh/ed25519)
Add the public key to your gitlab (How to adding ssh key to gitlab)
You have to new ssh identity using the below comand
ssh-add ~/my-pc/Desktop/.ssh/ed25519
this way working for me.
- add ssh / rsa keys to gitlab
ssh-add(type your terminal)- for verified type -
ssh -vT [email protected]
I was facing this issue because of ssh-agent conflicts on Windows-10. If you are using Windows-10 as well then please go through my detailed solution to this here
If you are not on windows-10 then please check if:
- your ssh-agent is running
- correct private key is added to your ssh-agent
- correct public key is added to your github account (You are able to clone, so this step should be fine)
I added my ~/.ssh/id_rsa.pub to the list of known SSH Keys in my GitLab settings https://gitlab.com/profile/keys. That solved the problem for me. :-)
Change permission :: chmod 400 ~/.ssh/id_rsa It helped for me.
In my case, it wasn't a gitlab problem, but a sshd configuration one. The ssh server didn't allow connection except for a list of users. The user git, the one connecting remotely to gitlab, wasn't in that list. So, check this before anything else.
You can check your ssh server configuration in /etc/ssh/sshd_config. If you have a line with the option AllowUsers, add git to it:
AllowUsers user1 user2 user3 git
I have gitlab running with docker, this is what I did to fix my problem.
Found that inside docker /var/log/gitlab/sshd/current there were multiple occurences of a message:
Authentication refused: bad ownership or modes for file /var/opt/gitlab/.ssh/authorized_keys
After which I changed ownership of that file from 99:users to git:users with:
chown git:users authorized_keys
I solved like this..
Generated a key for Windows using this command:
ssh-keygen -t rsa -C "[email protected]" -b 4096
but the problem was that after running this command, it popped a line: "Enter file in which to save the key (/c/Users/xxx/.ssh/id_rsa): " Here, I was giving only file name because of which my key was getting saved in my pwd and not in the given location. When I did "git clone ", it was assuming the key to be at "/c/Users/xxx/.ssh/id_rsa" location but it was not found, hence it was throwing error.
At the time of key generation 2 files were generated say "file1" & "file1.pub". I renamed both these files as
file1 -> id_rsa
and
file1.pub -> id_rsa.pub
and placed both in the location "/c/Users/xxx/.ssh/"
Please use git config credential.helper store if your site is using TLS/SSL.
Hope this works
Nothing worked for me on Windows 10 using Pageant as SSH agent, except adding a enviroment variable to windows (translated from german Windows 10, so the naming may differ):
- Search for "variables"
- Open System Enviroment Variables
- Click Enviroment Variables button at the bottom
- Add a new key named "GIT_SSH" and the value "C:\Program Files\PuTTY\plink.exe", to the top section "User Variables xxx"
- And you're done.
All thanks go to Benjamin Bortels, source: https://bortels.io/blog/git-in-vs-code-unter-windows-richtig-einstellen
if you are in Linux or macox , just try this in terminal:
ssh-add -l
if it return nothing, try this:
ssh-add
it must create identity in ~/.ssh/id_rsa
after retry :
ssh-add -l
it must return your identity, so after retry to clone, it's must work
NB: don't forget to add your ssh key in your profile gitlab
thanks
Two things mainly
You must have id_rsa.pub and id_rsa (private) keys in your .ssh folder ( which should be in your home folder.Create it if it isn't there put your keys ). It wouldn't work If you have named your key files differently
Change the permission of the id_rsa as chmod 400 ~/.ssh/id_rsa
My issue was that I used a non-root user with sudo access. But even sudo git clone ... didn't work. The solution was to create the folder for the project, chown user projectfolder and then run the clone without sudo.
I solved [email protected]: Permission denied (publickey) issue using following instructions
- RUN
cat ~/.ssh/id_rsa.pub - Copy
id_rsa.pub(public key) to your getlab `Setting -> SSH Keys - RUN
cat ~/.ssh/id_rsa - Copy
id_rsa(private key) to `Code_repo->git_auth->id_rsa
NOTE: Take care of the machine user if you are using root user in your DockerFile or anywhere else then use sudo su before running the above commands to get root user public and private keys.
Try to use git clone XXX if you'd see LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to XXX it might be the case that just updated your OS, installed some dev tools, e.g. Xcode with its tools on Mac, VPN, Antivirus (especially Kaspersky Antivirus) or something between/other.
In my case simply restarting my OS (macOS Catalina) fixed this issue.
Go to the terminal and regenerate the ssh key again. Type ssh-keygen. It will ask you where you want to save it, type the path.
Then copy the public key to gitlabs platform. It usually starts with ssh-rsa.
make sure you are not running sudo git clone [email protected]:project/somethiing.git, otherwise ssh will look in /root/.ssh instead of the key you uploaded ~/.ssh/id_rsa
I had the same issue, I resolved it by adding a new ssh key:
ssh-keygen -t ed25519 -C "[email protected]"- Copy your public SSH key to the clipboard (
xclip -sel clip < ~/.ssh/id_ed25519.pubin my case on Linux ) - On gitlab, go to
settings=>sshkeys and past the new key
There is a very simple solution to this: instead of working with ssh - move to https. to do this: in your project folder you have a .git folder in there - you have a config file - open it in a text editor and change the line
url [email protected]:yourname/yourproject.git
to
Earlier it was very difficult for me but when I tried it became so easy to add ssh key in Mac and Linux. There are a few steps and command to do this as follows:
- Open a terminal of your system and move inside your project directory by the command:
cd 'project directory name'
Run command
ssh-keygenin that terminal and enter it until the key's randomart image appears there.Then enter one more command in that terminal:
cat ~/.ssh/id_rsa.pub
It will generate your ssh key. Key will start with ssh-rsa and end with .local.
- Copy the key and go to your Gitlab profile section then
ssh keysection and paste it there. Click on theAddbutton this will work.
The problem for me was, that I switched UsePAM from yes to no in the SSH configuration file under /etc/ssh/sshd_config. With UsePAM yes everything works perfectly.
In my case it did not work in the WSL (Windows Subsystem for Linux).
When I start the WSL, I must
- start ssh-agent_
eval $(ssh-agent -s) - add the key to the ssh-agent:
ssh-add ~/.ssh/id_rsa - if prompted, enter the password
Now the connection works.
We can test this with ssh -T [email protected]
notes:
- weasel-pageant allows us to reuse the ssh keys that are loaded in PuTTY pageant inside the WSL
- detailed explanation: Git via SSH from Windows returns Permission Denied
I know, I'm answering this very late and even StackOverflow confirmed if I really want to answer. I'm answering because no one actually described the actual problem so wanted to share the same.
The Basics
First, understand that what is the remote here. Remote is GitLab and your system is the local so when we talk about the remote origin, whatever URL is set in your git remote -v output is your remote URL.
The Protocols
Basically, Git clone/push/pull works on two different protocols majorly (there are others as well)-
- HTTP protocol
- SSH protocol
When you clone a repo (or change the remote URL) and use the HTTPs URL like https://gitlab.com/wizpanda/backend-app.git then it uses the first protocol i.e. HTTP protocol.
While if you clone the repo (or change the remote URL) and uses the URL like [email protected]:wizpanda/backend-app.git then it uses the SSH protocol.
HTTP Protocol
In this protocol, every remote operation i.e. clone, push & pull uses the simple authentication i.e. username & password of your remote (GitLab in this case) that means for every operation, you have to type-in your username & password which might be cumbersome.
So when you push/pull/clone, GitLab/GitHub authenticate you with your username & password and it allows you to do the operation.
If you want to try this, you can switch to HTTP URL by running the command git remote set-url origin <http-git-url>.
To avoid that case, you can use the SSH protocol.
SSH Protocol
A simple SSH connection works on public-private key pairs. So in your case, GitLab can't authenticate you because you are using SSH URL to communicate. Now, GitLab must know you in some way. For that, you have to create a public-private key-pair and give the public key to GitLab.
Now when you push/pull/clone with GitLab, GIT (SSH internally) will by default offer your private key to GitLab and confirms your identity and then GitLab will allow you to perform the operation.
So I won't repeat the steps which are already given by Muhammad, I'll repeat them theoretically.
- Generate a key pair `ssh-keygen -t rsa -b 2048 -C "My Common SSH Key"
- The generated key pair will be by default in
~/.sshnamedid_rsa.pub(public key) &id_rsa(private key). - You will store the public key to your GitLab account (the same key can be used in multiple or any server/accounts).
- When you clone/push/pull, GIT offers your private key.
- GitLab matches the private key with your public key and allows you to perform.
Tips
You should always create a strong rsa key with at least 2048 bytes. So the command can be ssh-keygen -t rsa -b 2048.
https://gitlab.com/help/ssh/README#generating-a-new-ssh-key-pair
General thought
Both the approach have their pros & cons. After I typed the above text, I went to search more about this because I never read something about this.
I found this official doc https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols which tells more about this. My point here is that, by reading the error and giving a thought on the error, you can make your own theory or understanding and then can match with some Google results to fix the issue :)
There seem to be differences between the two ways to access a git repository i.e. using either SSH or HTTPS. For me, I encountered the error because I was trying to push my local repository using SSH.
The problem can simply be solved by clicking the clone button on the landing page of your project and the copying the HTTPS link and replacing it to the SSH link appearing with the format "git@gitlab...".
Another issue that can cause this behaviour is when you have a setup with 2 possible %HOME%-locations.
I'm using a PC where some of my documents are stored locally, and some of them are stored on a network drive. Some applications think C:\Users\<MyUserName>\ is my %home%, others think that U:\ is the home.
Turns out ssh-keygen put my private key under C:\users\<MyUserName>\, and that ssh -T and ssh -v also look there.
So everything seems to work fine, except that git clone, git push and others look for a key in U:\.
Which fails, so I get the aforementioned error.
It took me an hour to find out, but in the end the solution was simple: I copied everything from C:\Users\<MyUserName>\.ssh to U:\.ssh
For anyone using Windows 10 and nothing else working for him/her:
In my case, I had to clone the repo with https instead of ssh and a window popped-up asking for my credentials. After that everything works fine.
I use ubuntu 18.04, and it was actually permission issue in my local machine. The issue was gone when I set read/write permission to my .git folder.
Source: Stackoverflow.com