I want to use 443 port to connect to github.
So I add blow code into ~/.ssh/config
Host github.com
HostName ssh.github.com
User git
IdentityFile ~/.ssh/id_rsa.github
Port 443
But It didn't work.
some try:
first, I try ssh -v git#ssh.github.com
OpenSSH_9.2p1, OpenSSL 3.0.8 7 Feb 2023
debug1: Reading configuration data /home/user/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to ssh.github.com [20.205.243.160] port 22.
It show that, connection still use port 22.
and then I try ssh -v git#ssh.github.com -p 443
OpenSSH_9.2p1, OpenSSL 3.0.8 7 Feb 2023
debug1: Reading configuration data /home/user/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to ssh.github.com [20.205.243.160] port 443.
...
debug1: No more authentication methods to try.
git#ssh.github.com: Permission denied (publickey).
It show that, connection didn't find my publickey.
So finally I try ssh -v git#ssh.github.com -p 443 -i ~/.ssh/id_rsa.github
...
Connection to ssh.github.com closed.
Transferred: sent 3460, received 2724 bytes, in 0.8 seconds
Bytes per second: sent 4383.9, received 3451.4
debug1: Exit status 1
The connection is correct.
Besides, others config in my ~/.ssh/config work.
To use your Host config setting, you need to use your Host section name
ssh -Tv github.com
(no need for git#, since you have a User git in your config file Host github.com section)
Then you can check it uses the right port and private key.
I am trying to set up an ssh key on my github account, but it is continually rejected by the github server. My client is an Ubuntu based system.
On Ubuntu, I created a public and private key, stored in ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub. Permissions for ~/.ssh are 700, for id_rsa are 600, and for id_rsa.pub are 644.
When I created the key (on Ubuntu, with ssh-keygen) the sha256 fingerprint computed and displayed by ssh-keygen matches exactly the fingerprint displayed in my github account (settings > account settings > SSH and GPG keys) for that key after I've pasted it into github and clicked on [Save]. Therefore, I am certain the public key I stored in github was correctly pasted and stored in my github account.
Nevertheless, when I attempt to ssh to github I get permission denied. So I increased the logging level from the client ssh application and have pasted the output below.
The command I issued was...
ssh -vvv -T zzzzz60#github.com
Looking through the debug output, I see two clues ...
debug1: Remote protocol version 2.0, remote software version babeld-0843ac0d
debug1: no match: babeld-0843ac0d
... which seems to be telling me that the ssh daemon on github is not one that my Ubuntu ssh client knows about. I am not sure how much of an issue this is. My guess is that it is merely a warning. FWIW, it does report ssh protocol 2.0 - which is the same protocol version being used by my Ubuntu client.
A much more significant log entry is this...
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
... packet type '51' is defined as SSH_MSG_USERAUTH_FAILURE (per IANA SSH List).
That is certainly significant! However, it only tells us that github did not like our key for some reason. It does NOT explain why it did not like our key.
I've been unable to progress any further. I keep hitting a brick was at this point. I cannot understand why github is rejecting this key. It's fingerprint matches exactly the value displayed by ssh-keygen.
So that's where I'm at. I've seen similar questions here ... but no solutions. My hope is that by supplying the debug output someone might have a clue.
Here is the complete debug output...
% ssh -vvvT zzzzz60#github.com
OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "github.com" port 22
debug2: ssh_connect_direct
debug1: Connecting to github.com [140.82.113.3] port 22.
debug1: Connection established.
debug1: identity file /home/zzzzz60/.ssh/id_rsa type 0
debug1: identity file /home/zzzzz60/.ssh/id_rsa-cert type -1
debug1: identity file /home/zzzzz60/.ssh/id_dsa type -1
debug1: identity file /home/zzzzz60/.ssh/id_dsa-cert type -1
debug1: identity file /home/zzzzz60/.ssh/id_ecdsa type -1
debug1: identity file /home/zzzzz60/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/zzzzz60/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/zzzzz60/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/zzzzz60/.ssh/id_ed25519 type -1
debug1: identity file /home/zzzzz60/.ssh/id_ed25519-cert type -1
debug1: identity file /home/zzzzz60/.ssh/id_ed25519_sk type -1
debug1: identity file /home/zzzzz60/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/zzzzz60/.ssh/id_xmss type -1
debug1: identity file /home/zzzzz60/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
debug1: Remote protocol version 2.0, remote software version babeld-0843ac0d
debug1: no match: babeld-0843ac0d
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to github.com:22 as 'zzzzz60'
debug3: hostkeys_foreach: reading file "/home/zzzzz60/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /home/zzzzz60/.ssh/known_hosts:4
debug3: load_hostkeys: loaded 1 keys from github.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,sk-ecdsa-sha2-nistp256-cert-v01#openssh.com,ssh-ed25519-cert-v01#openssh.com,sk-ssh-ed25519-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256#openssh.com,ssh-ed25519,sk-ssh-ed25519#openssh.com
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes256-gcm#openssh.com,aes128-gcm#openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes256-gcm#openssh.com,aes128-gcm#openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc
debug2: MACs ctos: hmac-sha2-512-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1-etm#openssh.com,hmac-sha1
debug2: MACs stoc: hmac-sha2-512-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1-etm#openssh.com,hmac-sha1
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ssh-rsa SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8
debug3: hostkeys_foreach: reading file "/home/zzzzz60/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /home/zzzzz60/.ssh/known_hosts:4
debug3: load_hostkeys: loaded 1 keys from github.com
debug3: hostkeys_foreach: reading file "/home/zzzzz60/.ssh/known_hosts"
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /home/zzzzz60/.ssh/known_hosts:4
Warning: Permanently added the RSA host key for IP address '140.82.113.3' to the list of known hosts.
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/zzzzz60/.ssh/id_rsa RSA SHA256:zj5+CcvII4ZfOQhehs+eVrAI6bO19QBOYUKpnJteanM agent
debug1: Will attempt key: /home/zzzzz60/.ssh/id_dsa
debug1: Will attempt key: /home/zzzzz60/.ssh/id_ecdsa
debug1: Will attempt key: /home/zzzzz60/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/zzzzz60/.ssh/id_ed25519
debug1: Will attempt key: /home/zzzzz60/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/zzzzz60/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info:server-sig-algs=<ssh-ed25519-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp256-cert-v01#openssh.com,sk-ssh-ed25519-cert-v01#openssh.com,sk-ecdsa-sha2-nistp256-cert-v01#openssh.com,rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,ssh-dss-cert-v01#openssh.com,sk-ssh-ed25519#openssh.com,sk-ecdsa-sha2-nistp256#openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/zzzzz60/.ssh/id_rsa RSA SHA256:zj5+CcvII4ZfOQhehs+eVrAI6bO19QBOYUKpnJteanM agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/zzzzz60/.ssh/id_dsa
debug3: no such identity: /home/zzzzz60/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/zzzzz60/.ssh/id_ecdsa
debug3: no such identity: /home/zzzzz60/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/zzzzz60/.ssh/id_ecdsa_sk
debug3: no such identity: /home/zzzzz60/.ssh/id_ecdsa_sk: No such file or directory
debug1: Trying private key: /home/zzzzz60/.ssh/id_ed25519
debug3: no such identity: /home/zzzzz60/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: /home/zzzzz60/.ssh/id_ed25519_sk
debug3: no such identity: /home/zzzzz60/.ssh/id_ed25519_sk: No such file or directory
debug1: Trying private key: /home/zzzzz60/.ssh/id_xmss
debug3: no such identity: /home/zzzzz60/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
zzzzz60#github.com: Permission denied (publickey).
The problem is the username. For GitHub, all SSH operations work over the git username and you're identified solely by your key. So you'd need to do ssh -vvv -T git#github.com.
It is the case that OpenSSH doesn't know specifically about babeld, the SSH service on GitHub, but it should work fine nevertheless. OpenSSH knows about some particular SSH servers in order to apply workarounds for broken behavior (such as an incompatible implementation of curve25519-sha256#libssh.org in some older OpenSSH versions), but babeld doesn't have those problems, so that means it should work just fine.
I tried to install windows OpenSSH Server feature also tried to manually install OpenSSH in C:/Program Files/OpenSSH but for both when i try to connect it ask for password I enter correct but it says Permission denied always. It was working fine but after some time started to face this issue. I tried to manually run the sshd server with -d option and it gives the following logs
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9p1 Debian-10+deb10u2
debug1: match: OpenSSH_7.9p1 Debian-10+deb10u2 pat OpenSSH* compat 0x04000000
debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: algorithm: curve25519-sha256 [preauth]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none [preauth]
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: rekey out after 134217728 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: Sending SSH2_MSG_EXT_INFO [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: rekey in after 134217728 blocks [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user aawais#domain service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: user domain\\aawais matched group list administrators at line 84
User domain\\aawais not allowed because shell c:\\program files\\powershell\\7\\pwsh.exe does not exist
debug1: userauth-request for user aawais#domain service ssh-connection method keyboard-interactive [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: keyboard-interactive devs [preauth]
debug1: auth2_challenge: user=aawais#domain devs= [preauth]
debug1: kbdint_alloc: devices '' [preauth]
debug1: userauth-request for user aawais#domain service ssh-connection method password [preauth]
debug1: attempt 2 failures 1 [preauth]
debug1: Windows authentication failed for user: NOUSER domain: . error: 1326
and following is my sshd_config file
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey __PROGRAMDATA__/ssh/ssh_host_rsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_dsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_ecdsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_ed25519_key
# Ciphers and keying
#RekeyLimit default none
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
MaxAuthTries 600
#MaxSessions 10
PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
# For this to work you will also need host keys in %programData%/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#PermitUserEnvironment no
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp sftp-server.exe
# Example of overriding settings on a per-user basis
#Match User anoncvs
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
Match Group administrators
AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys
What might be the cause of this problem?
Default shell location was incorrect and I found this in server debug logs mentioned in question i-e
User domain\\aawais not allowed because shell c:\\program files\\powershell\\7\\pwsh.exe does not exist
execute following command to set default shell
New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
My github isn't connecting. I've tried two different computers and I'm getting the same error so clearly I'm doing something wrong. When I run git push I get prompted for my username / password as expected. Type them in, and yes I'm typing them correctly. Then it says:
fatal: Authentication failed
However when I type ssh -T git#github.com it prompts me for my passphrase and after entering that, it welcomes me to github. I've tried to add the SSH key again and all it says is this SSH key is already on the account. Someone let me know what I'm missing?
When I try to login it shows:
Password for http://(UserName)#www.github.com:
Is that correct?
More Information: Here's the output of ssh-vT git#github.com:
$ ssh-add -l
Could not open a connection to your authentication agent.
_
$ ssh -vT git#github.com
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Connecting to github.com [192.30.252.129] port 22.
debug1: Connection established.
debug1: identity file /l/.ssh/identity type -1
debug1: identity file /l/.ssh/id_rsa type 1
debug1: identity file /l/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debia
n-5ubuntu1+github5
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1+github5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /l/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /l/.ssh/identity
debug1: Offering public key: /l/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Remote: Forced command.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Remote: Forced command.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi ____! You've successfully authenticated, but GitHub does not provide shell ac
cess.
debug1: channel 0: free: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 1
Try instead of linking to github through http go through ssh. do git remote set-url origin <ssh url> and then try doing git push
The ssh url should be something like git#github.com...
You can try ...
1 Edit your remote repository
git remote set-url origin your-remote-repository-ssh-url
2 Push your code.
git push origin ...
Where will you find your ssh-url?
1 In your repositories page
2 Click ssh link and copy your ssh-url
If you have this problem, you have basically two solutions as your options:
If you insist on using HTTPS to connect to Github, you'll need to get a Personal Access Token from your account on Github instead of your password.
You'll need to switch to SSH and use that to login.
For both options, check out this Stack Overflow question and its excellent first answer for how to go about implementing them.
So I've been wrestling with Capistrano a lot, and I think I've always got it to deploy.
The issue I'm having now is that doing a cap deploy gives me:
Chintan at mbp in ~/Documents/Work/faxattach on master!
± cap deploy
/Users/Chintan/.rvm/gems/ruby-1.9.3-p0/gems/bundler-1.2.3/lib/bundler/runtime.rb:197: warning: Insecure world writable dir /usr/local/bin in PATH, mode 040777
triggering load callbacks
* 2013-07-03 16:13:56 executing `staging'
triggering start callbacks for `deploy'
* 2013-07-03 16:13:56 executing `multistage:ensure'
* 2013-07-03 16:13:56 executing `deploy'
* 2013-07-03 16:13:56 executing `deploy:update'
** transaction: start
* 2013-07-03 16:13:56 executing `deploy:update_code'
executing locally: "git ls-remote git#github.com:chintanparikh/faxattach.git HEAD"
command finished in 611ms
* executing "git clone -q git#github.com:chintanparikh/faxattach.git /srv/www/faxattach/releases/20130703201357 && cd /srv/www/faxattach/releases/20130703201357 && git checkout -q -b deploy a237b155f1fe4acef23ad4b594749c567a213117 && (echo a237b155f1fe4acef23ad4b594749c567a213117 > /srv/www/faxattach/releases/20130703201357/REVISION)"
servers: ["faxattach-staging-new"]
[faxattach-staging-new] executing command
** [faxattach-staging-new :: out] Permission denied (publickey).
** [faxattach-staging-new :: out] fatal: The remote end hung up unexpectedly
command finished in 1286ms
*** [deploy:update_code] rolling back
* executing "rm -rf /srv/www/faxattach/releases/20130703201357; true"
servers: ["faxattach-staging-new"]
[faxattach-staging-new] executing command
command finished in 572ms
failed: "rvm_path=/usr/local/rvm /usr/local/rvm/bin/rvm-shell 'ruby-1.9.3-p327#faxattach' -c 'git clone -q git#github.com:chintanparikh/faxattach.git /srv/www/faxattach/releases/20130703201357 && cd /srv/www/faxattach/releases/20130703201357 && git checkout -q -b deploy a237b155f1fe4acef23ad4b594749c567a213117 && (echo a237b155f1fe4acef23ad4b594749c567a213117 > /srv/www/faxattach/releases/20130703201357/REVISION)'" on faxattach-staging-new
However, if I manually ssh into my server and then do a ssh -vT git#github.com, it works fine:
faxattach at ip-10-164-71-243 in ~
○ ssh -vT git#github.com
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to github.com [204.232.175.90] port 22.
debug1: Connection established.
debug1: identity file /home/faxattach/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/faxattach/.ssh/id_rsa-cert type -1
debug1: identity file /home/faxattach/.ssh/id_dsa type -1
debug1: identity file /home/faxattach/.ssh/id_dsa-cert type -1
debug1: identity file /home/faxattach/.ssh/id_ecdsa type -1
debug1: identity file /home/faxattach/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6+squeeze1+github12
debug1: match: OpenSSH_5.5p1 Debian-6+squeeze1+github12 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /home/faxattach/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/faxattach/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to github.com ([204.232.175.90]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: Remote: Forced command: gerve chintanparikh c3:ff:25:e1:30:be:c7:37:51:b5:87:7c:46:dc:c0:c7
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Remote: Forced command: gerve chintanparikh c3:ff:25:e1:30:be:c7:37:51:b5:87:7c:46:dc:c0:c7
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending env LC_CTYPE = en_US.UTF-8
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow#openssh.com reply 0
Hi chintanparikh! You've successfully authenticated, but GitHub does not provide shell access.
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2816, received 2984 bytes, in 0.1 seconds
Bytes per second: sent 33714.5, received 35725.9
debug1: Exit status 1
Any ideas?
Add this to your config/deploy.rb
set :ssh_options, { :forward_agent => true }
If you're using your own private keys for git, you want to tell Capistrano to use agent forwarding with this command. Agent forwarding can make key management much simpler as it uses your local keys instead of keys installed on the server.
Source: Agent Forwarding Topic.
and make sure the user is not sudo in config/deploy.rb:
set :use_sudo, false
as in the logs you have attached, you are logged in as faxattach ( which is perhaps not sudo).
The ssh connection that fails is made to the server, not to github.
You should check if you can get on the server with this key.
If not you should add the public key to the servers .ssh/authorized_keys.
Also check if the user for the server is correct and exists.