Skip to content

Instantly share code, notes, and snippets.

@mcandre

mcandre/git-ssh-access-faq.md

Last active October 16, 2024 14:21
Show Gist options
  • Save mcandre/29e7aad47c0fcff9a6d1 to your computer and use it in GitHub Desktop.
Save mcandre/29e7aad47c0fcff9a6d1 to your computer and use it in GitHub Desktop.
Download ZIP
Git/SSH Access Frequently Asked Questions
Raw
git-ssh-access-faq.md

Git/SSH Access FAQ

If you see Access denied, or other error messages when trying to access a git repository or SSH server, here are some steps you can take to resolve the problem.

Enable verbose mode

When in doubt, run ssh -vvv <other options...> to enable more verbose logging.

How do I request git repo / ssh permissions?

Ask your GitHub, GitLab, or ssh administrator to grant you permissions. For example, if you mostly work on master in GitLab, you may want Master permissions on the projects you work on.

Administrators

How do I quickly fix SSH keys?

When in doubt, try creating new SSH keys, without password protection, and resubmitting the new public key to GitHub, GitLab, or whichever git or SSH server you are using.

$ rm $HOME/.ssh/id_rsa*
$ ssh-keygen -t rsa -C <your email address>
Enter file in which to save the key ($HOME/.ssh/id_rsa): [Press enter]
Enter passphrase (empty for no passphrase): [Press enter]
Enter same passphrase again: [Press enter]

Your identification has been saved in $HOME/.ssh/id_rsa.
Your public key has been saved in $HOME/.ssh/id_rsa.pub.
The key fingerprint is:
01:0f:f4:3b:ca:85:d6:17:a1:7d:f0:68:9d:f0:a2:db <email address>

$ cat $HOME/.ssh/id_rsa.pub

Then copy & paste public key file contents into GitHub/GitLab/etc.'s new ssh key page.

Where do I get help with git / SSH keys?

The git community is very helpful for troubleshooting SSH key problems. Ask and ye shall receive.

IRC

  • irc://irc.freenode.net:6697/#git
  • irc://irc.freenode.net:6697/#github
  • irc://irc.freenode.net:6697/#gitlab
  • irc://irc.freenode.net:6697/#bitbucket
  • irc://irc.freenode.net:6697/#ssh

Reddit

SuperUser

http://superuser.com/search?q=ssh+key

Tutorials

How do I configure SSH keys?

Path User/Owner Group Permissions chmod code
$HOME/.ssh/known_hosts $USER staff -rw-r--r-- 0644
$HOME/.ssh/authorized_keys (on server) $USER staff -rw------- 0600
$HOME/.ssh/id_rsa $USER staff -rw------- 0600
$HOME/.ssh/id_rsa.pub $USER staff -rw-r--r-- 0644
$HOME/.ssh/config $USER staff -r-------- 0400
$HOME/.ssh $USER staff drwx------ 0700
$HOME $USER staff drwxr-xr-x+ 0755
/home (Linux) root admin drwxr-xr-x+ 0755
/Users (Mac OS X) root admin drwxr-xr-x+ 0755
C:\Users (Windows) Administrators - - -

For each of these paths, use sudo ls -Ahl <path>/sudo chmod <code> <path> to observe/enforce the correct file permissions.

Windows users may substitute %HOME% for $HOME, unless in Git Bash, MSYS, or other cygwin environments.

These permissions can be scanned automatically via the carrots security tool.

known_hosts

Sometimes SSH will silently fail when there's a discrepancy between the information in $HOME/.ssh/known_hosts on the client and the IP address / hostname of the server. This can happen, for example, if the server uses DHCP and changes IP addresses. To fix this, delete any related entries in $HOME/.ssh/known_hosts on the client, and consider configuring the server with a static IP address.

How do I configure SSH servers?

Confirm that /etc/ssh/sshd_config is configured with PubkeyAuthentication yes. If necessary, restart the ssh service with service ssh restart or /etc/init.d/ssh restart.

Credentials Validation & Git User Confirmation

SSH keypairs are used as credentials to authenticate users. A keypair may be associated with various git/SSH accounts. Fortunately, SSH supports an option to quickly validate authentication and confirm the name of the account:

$ ssh -T [email protected]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment