I want to use 443 port to connect to github.
So I add blow code into ~/.ssh/config
Host github.com
HostName ssh.github.com
User git
IdentityFile ~/.ssh/id_rsa.github
Port 443
But It didn't work.
some try:
first, I try ssh -v git#ssh.github.com
OpenSSH_9.2p1, OpenSSL 3.0.8 7 Feb 2023
debug1: Reading configuration data /home/user/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to ssh.github.com [20.205.243.160] port 22.
It show that, connection still use port 22.
and then I try ssh -v git#ssh.github.com -p 443
OpenSSH_9.2p1, OpenSSL 3.0.8 7 Feb 2023
debug1: Reading configuration data /home/user/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to ssh.github.com [20.205.243.160] port 443.
...
debug1: No more authentication methods to try.
git#ssh.github.com: Permission denied (publickey).
It show that, connection didn't find my publickey.
So finally I try ssh -v git#ssh.github.com -p 443 -i ~/.ssh/id_rsa.github
...
Connection to ssh.github.com closed.
Transferred: sent 3460, received 2724 bytes, in 0.8 seconds
Bytes per second: sent 4383.9, received 3451.4
debug1: Exit status 1
The connection is correct.
Besides, others config in my ~/.ssh/config work.
To use your Host config setting, you need to use your Host section name
ssh -Tv github.com
(no need for git#, since you have a User git in your config file Host github.com section)
Then you can check it uses the right port and private key.
Related
I cannot ssh into github no matter what I do. All attempts appear to decline my key pair. I am able to ssh into my home server just fine, so I assume that this issue is with github specifically.
This is what I've tried so far. All of these methods fail with the same issue:
I have tried logging in using the key produced by my script below as a deploy key in github
I have tried using a similar set of steps as that script and instead added the key to the list of my account SSH Keys
I have tried using different algorithms (ecdsa, ed25519, rsa, etc...)
I have tried logging in via my own machine (linux mint) and my home server (ubuntu)
I have tried adding the key to the ssh-agent using ssh-add
I checked the SHA256 fingerprint in github for the key against the output of ssh -v below and it matches
Local Machine
This is my ~/.ssh/config:
Host github.com
User git
HostName github.com
IdentityFile ~/.ssh/github_ecdsa
Here, I have output from running ssh -vT git#github.com
OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /home/[REDACTED]/.ssh/config
debug1: /home/[REDACTED]/.ssh/config line 1: Applying options for github.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to github.com [140.82.113.3] port 22.
debug1: Connection established.
debug1: identity file /home/[REDACTED]/.ssh/github_ecdsa type 2
debug1: identity file /home/[REDACTED]/.ssh/github_ecdsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3ubuntu0.1
debug1: compat_banner: match: OpenSSH_8.9p1 Ubuntu-3ubuntu0.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to github.com:22 as 'git'
debug1: load_hostkeys: fopen /home/[REDACTED]/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:5ip0RVW9UxjapS8EiRiO6d9k+SJArVU0NVXDSHjTAVU
debug1: load_hostkeys: fopen /home/[REDACTED]/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'github.com' is known and matches the ED25519 host key.
debug1: Found key in /home/[REDACTED]/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: ssh_get_authentication_socket: Connection refused
debug1: Will attempt key: /home/[REDACTED]/.ssh/github_ecdsa ECDSA SHA256:[REDACTED] explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519#openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256#openssh.com,webauthn-sk-ecdsa-sha2-nistp256#openssh.com>
debug1: kex_input_ext_info: publickey-hostbound#openssh.com=<0>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/[REDACTED]/.ssh/github_ecdsa ECDSA SHA256:[REDACTED] explicit
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
git#github.com's password:
I can see that, near the bottom, it offered the key I configured, but because it moved right on to password authentication, I am assuming it declined my key.
My Home Server
I have the following script:
#!/bin/bash
# generate a key pair
repo=$1
ssh-keygen -t ed25519 -N "" -f .deploy-keys/$repo >/dev/null
# give time to add the public key to github
cat .deploy-keys/$repo.pub
read
# clone using an ssh command that has the identity file set to the private key
git -c core.sshCommand="ssh -vi .deploy-keys/$repo" clone git#github.com:username/$repo
At the read step, I'll do the following:
copy the contents of the public key.
go to https://github.com/username/repo/settings/keys/new
paste the contents into the big box, give it a name, and save
press enter to continue on the script
The verbose output for this one is here (I truncated most of it this time):
...
debug1: kex_input_ext_info: publickey-hostbound#openssh.com=<0>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: .deploy-keys/[REDACTED] ED25519 SHA256:[REDACTED] explicit
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
git#github.com's password:
Again, I can see that it found my key. What gives? I've never had the problem in the past. I've used Windows, MacOS, and Linux machines for this before, but never has this issue been so persistent.
UPDATE
I deleted my known_hosts file, and then added the github fingerprints from the link provided by Chris.C to be safe. I noticed that when I ssh to my home server, I see this fingerprint:
ED25519 key fingerprint is SHA256:5ip0RVW9UxjapS8EiRiO6d9k+SJArVU0NVXDSHjTAVU.
And then when I try to ssh to git#github.com, it shows me an error with the same fingerprint:
The fingerprint for the ED25519 key sent by the remote host is
SHA256:5ip0RVW9UxjapS8EiRiO6d9k+SJArVU0NVXDSHjTAVU.
It appears that my router loopback masquerading is somehow messed up. I confirmed that this fingerprint is the actual one for my home server, and it looks like my router is sending all ssh requests to that server instead of outside the network. Funny thing is, I have similar rules defined for 80 and 443, but those two ports do not experience the same issues. Odd behavior, but my problem is out of scope now for the question I originally asked. Thanks for the help!
Your log shows
debug1: Server host key: ssh-ed25519 SHA256:5ip0RVW9UxjapS8EiRiO6d9k+SJArVU0NVXDSHjTAVU
However github should have below fingerprints.
SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU (Ed25519)
So you're connecting to the wrong github server...
ssh login by authentication is working fine.
C:\Users\${DEVELOPER_NAME}>ssh ${HOST_IP_ADDRESS} -l ${DEVELOPER_NAME} -p ${SSHD_PORT} -i D:\prefix\PuTTY\${OPENSSH_FORMAT_PRIVATE_KEY}
Last login: Sun May 5 15:27:50 2019 from 10.40.171.44
Welcome to ...
[${DEVELOPER_NAME}#${HOST_AKA} ~]$
but sshd is running on 36000 not default 22 port, how can I tell that to vs code remote-ssh plugin
Host ${DEVELOPER_NAME}#${HOST_IP_ADDRESS}
HostName ${HOST_IP_ADDRESS}:${SSHD_PORT}
User ${DEVELOPER_NAME}
Port ${SSHD_PORT}
IdentityFile D:\prefix\PuTTY\${OPENSSH_FORMAT_PRIVATE_KEY}
this way gives me
Can't connect to ${DEVELOPER_NAME}#${HOST_IP_ADDRESS}: unreachable or not Linux x86_64 (ssh: connect to host ${HOST_IP_ADDRESS} port 22: Connection refused)
and
${DEVELOPER_NAME}#${HOST_IP_ADDRESS}:${SSHD_PORT}
in Remote-SSH: Connect to Host... gives me
Can't connect to ${DEVELOPER_NAME}#${HOST_IP_ADDRESS}:${SSHD_PORT}: unreachable or not Linux x86_64 (ssh: Could not resolve hostname ${HOST_IP_ADDRESS}:${SSHD_PORT}: Name or service not known)
Thanks to your question, I solved it. You may have already figured it out ... You do not need to add a port for HostName. Just write Port and it works.
Host ${HOST_NICKNAME}
User ${USER_ID_HOST}
HostName ${HOST_IP_ADDRESS}
Port ${SSHD_PORT}
IdentityFile ~/.ssh/id_rsa-remote-ssh
I have set up sharing an ssh connection on my local machine fine, but when I try and do this on our CI server it is failing and I cant work out why.
the ~/.ssh/config is
StrictHostKeyChecking=no
Host *
ControlMaster auto
ControlPath ~/.ssh/control:%h:%p:%r
ControlPersist 2h
First connection will fail, but will create the socket, second connection will fail as the socket is stale.
The end of the verbose output from first connection is....
$ ssh -vvvv -N user#domain.co.uk
....
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
....
Authenticated to domain.co.uk ([88.47.112.93]:22).
debug1: setting up multiplex master socket
debug3: muxserver_listen: temporary control path /home/rof/.ssh/control:domain.co.uk:22:user.3HfyjbhRCDHGwnrI
debug2: fd 4 setting O_NONBLOCK
debug3: fd 4 is O_NONBLOCK
debug3: fd 4 is O_NONBLOCK
debug1: channel 0: new [/home/rof/.ssh/control:domain.co.uk:22:user]
debug3: muxserver_listen: mux listener channel 0 fd 4
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x08
debug1: control_persist_detach: backgrounding master process
debug2: control_persist_detach: background process is 84004
Control socket connect(/home/rof/.ssh/control:domain.co.uk:22:user): Connection refused
Failed to connect to new control master
debug1: forking to background
debug1: Entering interactive session.
debug2: set_control_persist_exit_time: schedule exit in 7200 seconds
If you run it without the -N option the command input just hangs.
any subsequent ssh connections say the socket is stale and unlink it, thus not using a shared connection.
Any ideas?
For anyone else with this issue, this was due to the fact the the CI server we use uses overlayfs as its filesystem, which doesn't play nice with unix sockets.
To fix this, I saved the socket in virtual memory instead..
ControlPath /var/shm/control:%h:%p:%r
My github isn't connecting. I've tried two different computers and I'm getting the same error so clearly I'm doing something wrong. When I run git push I get prompted for my username / password as expected. Type them in, and yes I'm typing them correctly. Then it says:
fatal: Authentication failed
However when I type ssh -T git#github.com it prompts me for my passphrase and after entering that, it welcomes me to github. I've tried to add the SSH key again and all it says is this SSH key is already on the account. Someone let me know what I'm missing?
When I try to login it shows:
Password for http://(UserName)#www.github.com:
Is that correct?
More Information: Here's the output of ssh-vT git#github.com:
$ ssh-add -l
Could not open a connection to your authentication agent.
_
$ ssh -vT git#github.com
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Connecting to github.com [192.30.252.129] port 22.
debug1: Connection established.
debug1: identity file /l/.ssh/identity type -1
debug1: identity file /l/.ssh/id_rsa type 1
debug1: identity file /l/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debia
n-5ubuntu1+github5
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1+github5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /l/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /l/.ssh/identity
debug1: Offering public key: /l/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Remote: Forced command.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Remote: Forced command.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi ____! You've successfully authenticated, but GitHub does not provide shell ac
cess.
debug1: channel 0: free: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 1
Try instead of linking to github through http go through ssh. do git remote set-url origin <ssh url> and then try doing git push
The ssh url should be something like git#github.com...
You can try ...
1 Edit your remote repository
git remote set-url origin your-remote-repository-ssh-url
2 Push your code.
git push origin ...
Where will you find your ssh-url?
1 In your repositories page
2 Click ssh link and copy your ssh-url
If you have this problem, you have basically two solutions as your options:
If you insist on using HTTPS to connect to Github, you'll need to get a Personal Access Token from your account on Github instead of your password.
You'll need to switch to SSH and use that to login.
For both options, check out this Stack Overflow question and its excellent first answer for how to go about implementing them.
i am sure i upload my ssh key to github, and i also give the folder and file right permition. but i still got this. anyidea?
➜ python-google ssh -vT github.com
OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: Applying options for *
debug1: Connecting to github.com [0.0.62.138] port 22.
debug1: Connection established.
debug1: identity file /Users/seeker/.ssh/id_rsa type 1
debug1: identity file /Users/seeker/.ssh/id_rsa-cert type -1
debug1: identity file /Users/seeker/.ssh/id_dsa type -1
debug1: identity file /Users/seeker/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6+squeeze1+github8
debug1: match: OpenSSH_5.5p1 Debian-6+squeeze1+github8 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /Users/seeker/.ssh/known_hosts:1
Warning: Permanently added the RSA host key for IP address '0.0.62.138' to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/seeker/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/seeker/.ssh/id_dsa
debug1: No more authentication methods to try.
i am sure i upload my ssh key to github, and i also give the folder and file right permition.
but i still got this. anyidea?
Check if your ssh public key has been copied as one line: It is easy to copy it in multiple lines in the GitHub ssh field.
If is only if your public key is correctly copied and imported on GitHub that /Users/seeker/.ssh/id_rsa(.pub) will work (if your ssh directory is properly protected).
Connecting to github.com [0.0.62.138] port 22.
The GitHub page clearly mentions:
# debug1: Reading configuration data /Users/you/.ssh/config
# debug1: Reading configuration data /etc/ssh_config
# debug1: Applying options for *
# debug1: Connecting to github.com [207.97.227.239] port 22.
The connection should be to 207.97.227.239 on port 22, unless you're overriding settings to use SSH over HTTPS.
Plus make sure you are using / declaring the git user in your config file.
Remove your ~/.ssh/config file, and try a:
ssh -vT git#github.com
You haven't specified which user you'd like to authenticate as. When authenticating to GitHub, the user should always be git — not your individual username.
Try ssh -vT git#github.com .
Please note that GitHub does not provide shell access.
You need to update your puplic key on github so that you can push. Please follow steps:
you an test your key/ssh connection as mentioned here