7

Firstly, i created the ssh key pair with the command: 

ssh-keygen -o -t rsa -b 4096 -C "[email protected]"

Then, i added content of the id_rsa.pub file to my GitLab profile. But when i tried to test whether my SSH key was added correctly: 

ssh -vvvT [email protected]

i've got the following log after correct password was typed:

debug3: send packet: type 61
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 0
debug3: send packet: type 61
debug3: receive packet: type 52
debug1: Authentication succeeded (keyboard-interactive).
Authenticated to some.gitlab.com ([xxx.xxx.xxx.xxx]:xx).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting [email protected]
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 80
debug1: client_input_global_request: rtype [email protected] want_reply 0
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug2: client_session2_setup: id 0
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Last failed login: Sun Jan 26 21:33:13 UTC 2020 from some-freeipa.com on ssh:notty

And nothing else. Printing of log has stopped, and console is frozen now. Also i've tried to clone some projects from my GitLab with command:

git clone ssh://user@some-gitlab-url/some-project.git

But i've got the error:

Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Could anyone, please, help me with the issue?

Improve this question
2
  • Does it work if you change your remote to use git@ instead of user@? Commented Jan 26, 2020 at 23:22
  • No, it doesn't work. I've tried both: 1. 'git clone ssh://user@...' with 'ssh -vvvT [email protected]' to test; 2. 'git clone ssh://git@...' with 'ssh -vvvT [email protected]' to test Commented Jan 27, 2020 at 4:47

3 Answers 3

Reset to default
4 
shell request accepted on channel 0

That means possibly the ssh part is working.

What would not be working would be the URL used to cloned the repo:

  • the users needs to be git (always in a typical GitLab installation)
  • the URL needs to include the user/group and the repo

So not ssh://user@some-gitlab-url/some-project.git but

ssh://git@some-gitlab-url/some-group/some-project.git

As found by the OP in the chat, the issue was the SSH library used.

The problem was with OpenSSH client.
During the discussion I was using OpenSSH client for Windows.
After it was changed to Git Bash it has started to work!

I mentioned here that Windows 10 (1809+) adds an OpenSSH Client (and server).
But Git for Windows comes with OpenSSH 8.1.

Since The Windows SSH is a fork (PowerShell/openssh-portable) of the openSSH one, using the one from Git is safer.

More generally, using Git with a path starting with:

set GH=C:\path\to\git
set PATH=%GH%\bin;%GH%\usr\bin;%GH%\cmd;%GH%\mingw64\bin;%PATH%

That will ensure you are using Git with its runtime dependencies first (and then Windows).

Improve this answer
Sign up to request clarification or add additional context in comments.

12 Comments

Thanks for your answer, but it doesn't work for me. The same result
@IlyaBerdzenishvili OK, I have rewritten the answer accordingly.
Regarding the 'ssh://git@some-gitlab-url/some-group/some-project.git' format. Yes, i'm using this format, the 'ssh://user@some-gitlab-url/some-project.git' without group was used just to simplify.
Regarging the 'the users needs to be git (always in a typical GitLab installation)'. See my comment below the question: ' I've tried both: 1. 'git clone ssh://user@...' with 'ssh -vvvT [email protected]' to test; 2. 'git clone ssh://git@...' with 'ssh -vvvT [email protected]' to test'
@IlyaBerdzenishvili Is it a private repo? Does your user (where you did register the public SSH key) has the right to access it through the Web GUI?
|
2

I had the same (or very similar) issue on Ubuntu 22.04, with the error message

The authenticity of host 'gitlab.com (172.65.251.78)' can't be established.
ED25519 key fingerprint is SHA256:eUXGGm1YGsMAS7vkcx6JOJdOGHPem5gQp4taiCfCLB8.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? 
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

The solution was to update ~/.ssh/config with

Host *gitlab*
    IdentityFile ~/.ssh/id_rsa
    IdentitiesOnly yes
    StrictHostKeyChecking no

Where the last line made the difference. Also note that if using RSA keys they must be at least 2048 and maximum 8192 bits. So for example ssh-keygen -t rsa -b 4096 creates a valid key pair id_rsa, id_rsa.pub.

Hm, reading what I just posted, I think maybe I just didn't write yes when prompted (see the error message above)... Maybe that used to be the default and now it says [fingerprint] as the default... Anyway maybe someone equally confused will be helped by this :D

Improve this answer

Comments

1

Adding my answer, since I just spent about 4 hours resolving the issue for Permission denied (publickey).

I had to update the .ssh/config file with the following:

# Gitlab | example
Host <gitlabUserName>.gitlab.com
  Host gitlab.com
  Preferredauthentications publickey
  IdentityFile ~/.ssh/<ssh_key_type>

You'll need to add your own gitlab user name for the Host on the second line

you'll need to add the ssh_key_type (rsa, id_ed25519, etc)

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.