today I've moved my private github repository to newly created organization (of which I'm an owner). I've changed my remote origin to git#github.com:organization/repo.git. I'm not able to push to remote because I've got an error saying
Error: Permission to organization/repo.git denied to MyGithubUsername.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
I've checked that my account is owner of organization and repository exists.
Disable third-party application access restrictions as suggested in atom/github #1010.422882361.
I ran into this problem today and indeed as Ephellon Dantzler suggests, disabling 3rd-party access restrictions fixed it.
However, I did not really like that solution so I started reading the documentation. On the About OAuth App access reistrictions page, Github mentions that enabling 3rd party restrictions will block:
SSH keys created before February 2014 immediately lose access to the organization's resources (this includes user and deploy keys).
I created my key well before that so I just created a new SSH key and added to Github following their instructions.
After that, I was able to interface with my organization's private repository even when 3rd-party access restrictions was enabled.
I managed to find an answer. Maybe I did something wrong, or maybe it was because of github issues, but even if I was stated as an owner of Organization I had only rights to read repository. I couldn't change permission for myself because "you can't change permission for owner". I changed permissions for all members to admin, and because for now I'm the only one member of organization it's not a big deal.
The solution I found to this problem was creating a P.A.T (Personal Access Token) and using it in the spot of my password when pushing to the repo.
The way you can create a P.A.T is by going to:
Github.com >Login> Settings> Developer Settings> Personal Access Tokens > Generate New Token. I selected all the options for my token and then copied the token that was generated and used it as my password when I was asked to enter my credentials.
This took me a few hours to figure out and was very frustrating. I hope this info can help someone else!
Using GitHub Desktop..I was having a weird bug where I was owner of the organization, and admin of the repo(I had full rights) on my organization's repo. I decided to go into the command line, and push from there (Type "git push") and that fixed it!
It pushed, and I could now push from GitHub Desktop again.
Weird, but hope it helps someone!
For me, everything was ok in the Settings and with my key. Yet Github Desktop could not push (or even fetch) to/from the remote because it didn't trust the IP address. To find and fix I switched to the CLI and ran:
git fetch
which replied with
The authenticity of host 'github.com (140.82.114.4)' can't be established.
RSA key fingerprint is SHA256:<long string>.
Are you sure you want to continue connecting (yes/no)?
therefore revealing the issue. Either Github has changed their IP or I hadn't connected to this repo on my new machine (with the old key). Replying yes added the IP to my .ssh/known_hosts and then Github Desktop worked just fine again.
Warning: Permanently added 'github.com,140.82.114.4' (RSA) to the list of known hosts.
So I ran into this issue recently with an SSH key generated in 2018 and Ephellon Grey's answer pointed me in the right direction. My personal SSH key was added to GitHub by SourceTree and SourceTree was not an authorized third-party app on my organization page. Hence pushes authorized with that SSH key were being rejected. I just had to grant third-party access to SourceTree on the organization and now I can push to repos contained within.
Related
I'm trying to push some files to my new(second) Github account through terminal. I've tried so many times with similar questions, but it keeps saying this below
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
To be more specific, at first, I had a Github account(First) and I was able to do 'push' or 'pull' function using SSH URL, but this problem happens when I try to push some files to a new repository of the new account(Second). I've also tried removing the URL, but still it didn't work, and now I'm at a loss about what to do.
Someone said I can use Https URL instead of SSH URL, but I want to resolve this problem not avoiding things that happened.
Thanks!:D
SSH authentication keys are only valid for an Account.
If you made a new Github account and create the repository with this account, you will need to grant read permission at least for your first Github account to be able to access it.
We have a private repository on GitHub for our company's project. Initially i started off the repository, therefore current owner is me. But as the team grew we started to feel an urge to create a organization on GitHub which enables roles etc.
Current situation:
several distinct development machines are connected to the repository
by 'personal access tokens'. So their authentication is cached globally.
Live (production) server that is connected to the repository, with an 'SSH key' .
Test (development) server also connected to the repository. But it asks for authentication each time (username and password/PAT)
In this case, if a transfer the ownership of the repository from my account to company's organization: what I'll possibly break ? I've read that GitHub will redirect old URL to the repository will point to the new URL. But still, i think SSH key on the live server is likely to fail.
Can you please inform me about possible outcomes ? Thank you.
Edit 1: Results
Here is the results if anyone stumbles upon this post.
Old remote URL worked just fine, as stated in GitHub docs on transferring ownership. But we decided it's for the best to change the remote URL to new one, just in case.
Development machines with PAT worked just fine. No issue has been encountered.
We updated Live (production) server's origin remote URL right away so there won't be any funny business. SSH key had to be updated to comfort the new URL.
Test is still using old URL without any issue.
Generally, personal access tokens work based on the owner's access permissions, so if you continue to retain access to the repository, then those will continue to work. The same is true of SSH keys associated with the account. Similarly, other users who have their own PATs or SSH keys and continue to retain access will have those PATs or keys continue to work.
Ideally for most automated system purposes, you'll want to use SSH with deploy keys, because those are associated with the repository, so if someone leaves the company, things won't break. If you need to have individual users log into a server and pull, just have them forward their SSH agent.
If you need PATs for automated processes, such as for making API calls, you'll want to make a bot account and grant it access to the repository. That's much easier than trying to use individual people's PATs and again, it prevents employees who leave the company from breaking things when they lose access.
Recently I have been added as a contributor to a program allowing me to make some changes but I can't git push my fixed code to the repo.
The error is as follows:
remote: Permission denied to myusername.
fatal: unable to access 'program URL': The requested URL returned error: 403
I can create a pull request to modify the file but my instructor said it would be troublesome if he had to check the request and merge them every time so he added me as a contributor.
I googled my question and some said I need to add my SSH key to my instructor's account, but does it mean I have permissions to all repo of my instructor?
I'm just a beginner in github, many thanks for your help!
You need to have an SSH key for your own account (not your instructor's). If he added you as a contributor and you cloned the repository via SSH (as it seems you did), Github will check your personal SSH key to identify you whenever you try to push.
Just follow these steps to add your SSH key to your account: https://docs.github.com/en/github/authenticating-to-github/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account
I have followed the process described in Multiple GitHub Accounts & SSH Config (stefano's answer) and have set up SSH access to multiple repositories using deploy keys. I've tried that on repositories of a specific GitHub organization and it works fine - I can pull and push changes. I've also tried this on my user area and it still works great.
However, when trying this on repositories in another GitHub organization (e.g. when doing a git push) it fails with the following error
ERROR: Permission to XXXX/YYYY.git denied to deploy key
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
When checking SSH access through ssh -T I get
"Hi XXX/YYYY! You've successfully authenticated, but GitHub does not provide shell access."
which suggests that SSH should be working.
I have gone through the organization settings (main page for GitHub organization > Settings) and they have pretty much identical settings, except from what you would expect to be different e.g. contact email etc.
I was wondering if anyone has any ideas about what could be causing this. Are there any more organization settings somewhere by any chance?
ERROR: Permission to XXXX/YYYY.git denied to deploy key
This looks like you are trying to push using a deploy key. This key is used for deployment and therefore only to read-only access of your repository. Make sure you have the key which is enrolled in your github account, make sure it is used (IdentityFile in ~/.ssh/config) and get rid of the deploy key from the standard location which is picked by default (~/.ssh/id_{rsa,dsa,ecdsa,ed25519}). Note, that if there are more "valid" keys, only the firs succeeds.
We recently moved our github from one account owner to another, and now all of the sudden when I do a git pull or any git command on the remote repo, it asks me for github username and password.
My git-config says:
[github]
user = kamilski81
token = *********
Any idea how I can stop it asking me for credentials and remember everything, does the new owner have to setup my ssh keys or something of that sort?
Following this article sorted it out for me:
https://help.github.com/articles/why-is-git-always-asking-for-my-password
git remote set-url origin git#github.com:user/repo.git
The github username and token in the gitconfig is only used for interactions with the GitHub API (for instance the hub gem and the github tool).
If you are pushing and pulling from a GitHub repository over https, then you need to specify your credentials every time, or hook into a password manager to remember the credentials for you. How to do this depends on your platform.
The easiest thing to do is to go to your github account and submit your SSH public key to your account, and then switch your github remote to push/pull over ssh instead of https.
[edit] After re-reading the question I noticed that you mentioned it was previously a GitHub repo that was just moved from one owner to another. If that's the case, and you ARE able to push and pull by specifying your credentials, it sounds to me to be one of two scenarios:
The previous remote used ssh, and GitHub has your SSH key; but when the owner changed and you updated the remote, you updated it to go over https.
The previous remote used https, but you had a password manager setup correctly to deal with your credentials, which no longer works.
After doing "remote -v"....the issue was that my remote was using an "https" remote rather than "git" remote. Changing the remote to use git rather than https solved everything.
If you execute only once git pull and Git client still asking you the credential without do the git pull for you, the problem should be because your credential is incorrect or not setup yet.
but if you get the dialog ask for credential one for each operation, it mean that your credential isn't remembered. To do that, you may use Pageant to store your SSH private key, so, everytime you do something, it will retrieve your credential from Pageant instead to asking you.