My problem is that I can't push or fetch from GitLab. However, I can clone (via HTTP or via SSH). I get this error when I try to push :
Permission denied (publickey) fatal : Could not read from remote repository
From all the threads I've looked, here is what I have done :
If you have any insight about how to resolve my issue, it would be greatly appreciated.
Another issue that can cause this behaviour is when you have a setup with 2 possible %HOME%-locations.
I'm using a PC where some of my documents are stored locally, and some of them are stored on a network drive. Some applications think
C:\Users\<MyUserName>\ is my
%home%, others think that
U:\ is the home.
ssh-keygen put my private key under
C:\users\<MyUserName>\, and that
ssh -T and
ssh -v also look there.
So everything seems to work fine, except that
git push and others look for a key in
Which fails, so I get the aforementioned error.
It took me an hour to find out, but in the end the solution was simple: I copied everything from
In my case it did not work in the WSL (Windows Subsystem for Linux).
When I start the WSL, I must
eval $(ssh-agent -s)
Now the connection works.
We can test this with
ssh -T [email protected]
In my case, it wasn't a gitlab problem, but a sshd configuration one. The ssh server didn't allow connection except for a list of users. The user git, the one connecting remotely to gitlab, wasn't in that list. So, check this before anything else.
You can check your ssh server configuration in
/etc/ssh/sshd_config. If you have a line with the option
AllowUsers, add git to it:
AllowUsers user1 user2 user3 git
if you are in Linux or macox , just try this in terminal:
if it return nothing, try this:
it must create identity in ~/.ssh/id_rsa
after retry :
it must return your identity, so after retry to clone, it's must work
NB: don't forget to add your ssh key in your profile gitlab
In our case, it wasn't a problem on the user/client side, but on the Gitlab server side.
We are running a local Gitlab CE 12.9 instance on CentOS 7.1.
We found out that on the server, the .ssh/authorized_keys file was not updating properly. Users create their SSH keys (following the Gitlab guide) and add it to the Gitlab server, but the server does not update the authorized_keys, so it will always result to permission denied errors.
A workaround was to rebuild the authorized_keys file by running:
$ sudo gitlab-rake gitlab:shell:setup
That would work for anyone who added their keys before running the rake task. For the next users who would add their keys, someone has to manually run the rake tasks again.
A more permanent solution was to not use the authorized_keys file and use instead an indexed lookup on the Gitlab database:
GitLab Shell provides a way to authorize SSH users via a fast, indexed lookup to the GitLab database. GitLab Shell uses the fingerprint of the SSH key to check whether the user is authorized to access GitLab.
Add the following to your
sshd_configfile. This is usually located at
/etc/ssh/sshd_config, but it will be
/assets/sshd_configif you're using Omnibus Docker:
Match User git # Apply the AuthorizedKeysCommands to the git user only AuthorizedKeysCommand /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-authorized-keys-check git %u %k AuthorizedKeysCommandUser git Match all # End match, settings apply to all users again
# Debian or Ubuntu installations sudo service ssh reload # CentOS installations sudo service sshd reload
Confirm that SSH is working by removing your user's SSH key in the UI, adding a new one, and attempting to pull a repo.
By default (well the default on our installation), the Write to authorized_keys file was checked in the Admin Area > Performance Optimization settings. So we unchecked that and used the Gitlab database instead.
After setting up indexed lookup and unchecking the Write to authorized_keys file, SSH access became OK.
I added my
~/.ssh/id_rsa.pub to the list of known SSH Keys in my GitLab settings https://gitlab.com/profile/keys. That solved the problem for me. :-)
cat ~/.ssh/id_rsa.pub in terminal
This worked for me like a charm!
How to add SSH key to gitlab account in ubuntu?
SSH key will appear. Copy those and
Go to your gitlab account.
SSH-Key will be added!
(N.B if you have Generate Previews SSH Key and Getting permission denied (public key). You Delete Your Previews ssh key and Generate new one and add git user.name and email on your terminal )
There seem to be differences between the two ways to access a git repository i.e. using either SSH or HTTPS. For me, I encountered the error because I was trying to push my local repository using SSH.
The problem can simply be solved by clicking the clone button on the landing page of your project and the copying the HTTPS link and replacing it to the SSH link appearing with the format "git@gitlab...".
I found the solution in gitlab help.
To create a new SSH key pair:
1. Open a terminal on Linux or macOS, or Git Bash / WSL on Windows.
2. Generate a new ED25519 SSH key pair: ssh-keygen -t ed25519 -C "[email protected]"
2.1 Or, if you want to use RSA: ssh-keygen -o -t rsa -b 4096 -C "[email protected]"
3. Next, you will be prompted to input a file path to save your SSH key pair to... use the suggested path by pressing Enter
4. Once the path is decided, you will be prompted to input a password to secure your new SSH key pair. It's a best practice to use a password, but it's not required and you can skip creating it by pressing Enter twice.
5. Copy your public SSH key to the clipboard by using one of the commands below depending on your Operating System:
macOS: pbcopy < ~/.ssh/id_ed25519.pub
WSL / GNU/Linux (requires the xclip package): xclip -sel clip < ~/.ssh/id_ed25519.pub
Git Bash on Windows: cat ~/.ssh/id_ed25519.pub | clip
6. Navigating to SSH Keys and pasting your public key in the Key field
7. Click the Add key button
I hope it can help some of you!
Earlier it was very difficult for me but when I tried it became so easy to add ssh key in Mac and Linux. There are a few steps and command to do this as follows:
cd 'project directory name'
ssh-keygen in that terminal and enter it until the key's randomart image appears there.
Then enter one more command in that terminal:
It will generate your ssh key. Key will start with
ssh-rsa and end with
ssh key section and paste it there. Click on the
Add button this will work.
[email protected]: Permission denied (publickey) issue using following instructions
id_rsa.pub (public key) to your getlab `Setting -> SSH Keys
id_rsa (private key) to `Code_repo->git_auth->id_rsa
NOTE: Take care of the machine user if you are using
root user in your DockerFile or anywhere else then use
sudo su before running the above commands to get root user public and private keys.
I solved like this..
Generated a key for Windows using this command:
ssh-keygen -t rsa -C "[email protected]" -b 4096
but the problem was that after running this command, it popped a line: "Enter file in which to save the key (/c/Users/xxx/.ssh/id_rsa): " Here, I was giving only file name because of which my key was getting saved in my pwd and not in the given location. When I did "git clone ", it was assuming the key to be at "/c/Users/xxx/.ssh/id_rsa" location but it was not found, hence it was throwing error.
At the time of key generation 2 files were generated say "file1" & "file1.pub". I renamed both these files as
file1 -> id_rsa
file1.pub -> id_rsa.pub
and placed both in the location
Go to the terminal and regenerate the ssh key again. Type
ssh-keygen. It will ask you where you want to save it, type the path.
Then copy the public key to gitlabs platform. It usually starts with ssh-rsa.
For anyone using Windows 10 and nothing else working for him/her:
In my case, I had to clone the repo with https instead of ssh and a window popped-up asking for my credentials. After that everything works fine.
make sure you are not running
sudo git clone [email protected]:project/somethiing.git, otherwise ssh will look in
/root/.ssh instead of the key you uploaded
Try to use
git clone XXX if you'd see
LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to XXX it might be the case that just updated your OS, installed some dev tools, e.g. Xcode with its tools on Mac, VPN, Antivirus (especially Kaspersky Antivirus) or something between/other.
In my case simply restarting my OS (macOS Catalina) fixed this issue.
I think the simple solution is to add private key to authentication agent (if your key is not
ssh-add ~/.ssh/<your private key>
You basically let the
ssh-agent take care of it.
Additionally, you can add it permanently.
When you have multiple git account and you want different ssh key
You have to follow same step for generating the ssh key, but be sure you
ssh-keygen -t ed25519 -C "[email protected]"
Enter the path you want to save(Ex: my-pc/Desktop/.ssh/ed25519)
Add the public key to your gitlab (How to adding ssh key to gitlab)
You have to new ssh identity using the below comand
The problem for me was, that I switched
no in the SSH configuration file under
UsePAM yes everything works perfectly.
Steps to be done, got same error but i fixed it. Gitlab wants ssh-rsa so below is the code to run ssh for rsa
ssh-keygen -o -t rsa -b 4096 -C "[email protected]"
[email protected] is your gitlab account email
It will prompt you to enter so just hit Enter after the below code is prompt,
Enter file in which to save the key (/home/yourDesktopName/.ssh/id_rsa):
It will prompt again you to enter so just hit Enter after the below code is prompt,
Enter passphrase (empty for no passphrase):
It will prompt again for the last you to enter so just hit Enter after the below code is prompt,
Enter same passphrase again:
You will show your ssh-rsa generate.
Login to your Gitlab account and Go to the right navbar you will get setting and in the left sidebar you will get ssh key. Enter in it.
Look above the prompt asking you to enter, you will get the path of ssh-rsa.
Go to your SSH folder and get the id_rsa.pub
Open it and get the key and Copy Paste to the Gitlab and you are nearly to done.
ssh -T [email protected]
You will get:
Welcome to GitLab, @joy4!
Change permission :: chmod 400 ~/.ssh/id_rsa It helped for me.
Added a config file in
~/.ssh/config file which looks like
Step 2: Just clone the git repo WITHOUT sudo.
I know, I'm answering this very late and even StackOverflow confirmed if I really want to answer. I'm answering because no one actually described the actual problem so wanted to share the same.
First, understand that what is the remote here. Remote is GitLab and your system is the local so when we talk about the remote
origin, whatever URL is set in your
git remote -v output is your remote URL.
Basically, Git clone/push/pull works on two different protocols majorly (there are others as well)-
When you clone a repo (or change the remote URL) and use the HTTPs URL like https://gitlab.com/wizpanda/backend-app.git then it uses the first protocol i.e. HTTP protocol.
While if you clone the repo (or change the remote URL) and uses the URL like
[email protected]:wizpanda/backend-app.git then it uses the SSH protocol.
In this protocol, every remote operation i.e. clone, push & pull uses the simple authentication i.e. username & password of your remote (GitLab in this case) that means for every operation, you have to type-in your username & password which might be cumbersome.
So when you push/pull/clone, GitLab/GitHub authenticate you with your username & password and it allows you to do the operation.
If you want to try this, you can switch to HTTP URL by running the command
git remote set-url origin <http-git-url>.
To avoid that case, you can use the SSH protocol.
A simple SSH connection works on public-private key pairs. So in your case, GitLab can't authenticate you because you are using SSH URL to communicate. Now, GitLab must know you in some way. For that, you have to create a public-private key-pair and give the public key to GitLab.
Now when you push/pull/clone with GitLab, GIT (SSH internally) will by default offer your private key to GitLab and confirms your identity and then GitLab will allow you to perform the operation.
So I won't repeat the steps which are already given by Muhammad, I'll repeat them theoretically.
id_rsa.pub (public key) &
id_rsa (private key).
You should always create a strong rsa key with at least 2048 bytes. So the command can be
ssh-keygen -t rsa -b 2048.
Both the approach have their pros & cons. After I typed the above text, I went to search more about this because I never read something about this.
I found this official doc https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols which tells more about this. My point here is that, by reading the error and giving a thought on the error, you can make your own theory or understanding and then can match with some Google results to fix the issue :)
I was facing this issue because of ssh-agent conflicts on Windows-10. If you are using Windows-10 as well then please go through my detailed solution to this here
If you are not on windows-10 then please check if:
this way working for me.
ssh-add (type your terminal)
ssh -vT [email protected]
Well I had this same problem and after trying the answer @Khan proposed. However, I was only able to make it work by just changing the origin url in the .git/config file to the https address : https://gitlab.com/mygitlabusername/mygitproject.git
Since access via ssh is denied, I figured out using https shouldn't be a problem. It will however ask for your username and password for each push to the at repository
git config credential.helper store if your site is using TLS/SSL.
Hope this works
I had the same issue, I resolved it by adding a new ssh key:
ssh-keygen -t ed25519 -C "[email protected]"
xclip -sel clip < ~/.ssh/id_ed25519.pub in my case on Linux )
settings=>ssh keys and past the new key
Two things mainly
You must have id_rsa.pub and id_rsa (private) keys in your .ssh folder ( which should be in your home folder.Create it if it isn't there put your keys ). It wouldn't work If you have named your key files differently
Change the permission of the id_rsa as chmod 400 ~/.ssh/id_rsa
My issue was that I used a non-root user with sudo access. But even
sudo git clone ... didn't work. The solution was to create the folder for the project,
chown user projectfolder and then run the clone without sudo.
I had the same problems, It has been fixed after I re-generate the ssh key inside .ssh folder without naming it (keep it as id_rsa.pub). Then add it again to gitlab ssh key. Everything working fine now.
There is a very simple solution to this: instead of working with ssh - move to https. to do this: in your project folder you have a .git folder in there - you have a config file - open it in a text editor and change the line
url [email protected]:yourname/yourproject.git
Nothing worked for me on Windows 10 using Pageant as SSH agent, except adding a enviroment variable to windows (translated from german Windows 10, so the naming may differ):
All thanks go to Benjamin Bortels, source: https://bortels.io/blog/git-in-vs-code-unter-windows-richtig-einstellen
I have gitlab running with docker, this is what I did to fix my problem.
Found that inside docker /var/log/gitlab/sshd/current there were multiple occurences of a message:
Authentication refused: bad ownership or modes for file /var/opt/gitlab/.ssh/authorized_keys
After which I changed ownership of that file from 99:users to git:users with:
chown git:users authorized_keys
I use ubuntu 18.04, and it was actually permission issue in my local machine. The issue was gone when I set read/write permission to my .git folder.