git permission denied (publickey) when verify connection

Question

I get subject error when try to do following

$ ssh -T git@github.com
Permission denied (publickey).

.ssh permission

$ ls -al
total 33
drwxr-xr-x+ 1 MyUser AGL+Group(513)    0 Feb 27 16:53 .
drwxrwxrwt+ 1 MyUser AGL+Group(513)    0 Jan 10 16:12 ..
-rw-------  1 MyUser AGL+Group(513) 1667 Feb 28 18:01 .bash_history
-rwxr-xr-x  1 MyUser AGL+Group(513) 1494 Jan  9 20:45 .bash_profile
-rwxr-xr-x  1 MyUser AGL+Group(513) 6054 Jan  9 20:45 .bashrc
-rw-r--r--  1 MyUser AGL+Group(513)   55 Feb 27 16:37 .gitconfig
-rwxr-xr-x  1 MyUser AGL+Group(513) 1919 Jan  9 20:45 .inputrc
-rwxr-xr-x  1 MyUser AGL+Group(513) 1236 Jan  9 20:45 .profile
drwx------+ 1 MyUser AGL+Group(513)    0 Feb 28 17:46 .ssh

I did following steps before this

Generated ssh keys and stored in .ssh folder
Check ssh agent

$ ps aux |grep ssh 7236 1 7236 7236 ? 1138370 18:26:09 /usr/bin/ssh-agent
Added public key id_dsa.pub to github account through settings

MyUser@PC000009416062 ~/.ssh $ ssh -v -T git@github.com OpenSSH_7.1p2, OpenSSL 1.0.2f 28 Jan 2016 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to github.com [192.30.252.129] port 22. debug1: Connection established. debug1: key_load_public: No such file or directory debug1: identity file /home/MyUser/.ssh/id_rsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/MyUser/.ssh/id_rsa-cert type -1 debug1: identity file /home/MyUser/.ssh/id_dsa type 2 debug1: key_load_public: No such file or directory debug1: identity file /home/MyUser/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/MyUser/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/MyUser/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/MyUser/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/MyUser/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.1 debug1: Remote protocol version 2.0, remote software version libssh-0.7.0 debug1: no match: libssh-0.7.0 debug1: Authenticating to github.com:22 as 'git' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ssh-rsa SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8 debug1: Host 'github.com' is known and matches the RSA host key. debug1: Found key in /home/MyUser/.ssh/known_hosts:2 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: /home/MyUser/.ssh/id_rsa debug1: Skipping ssh-dss key /home/MyUser/.ssh/id_dsa for not in PubkeyAcceptedKeyTypes debug1: Trying private key: /home/MyUser/.ssh/id_ecdsa debug1: Trying private key: /home/MyUser/.ssh/id_ed25519 debug1: No more authentication methods to try. Permission denied (publickey).

I tried following few solutions in this forum also but no luck. I am using Cygwin to do this

Solution 1

Solution 2

Verify your permissions. Could you please edit your post with the permissions of directory .ssh ? — Dunatotatos, Feb 28 '16 at 07:47
Could you also edit your post with the full outpout of `ssh -v -T git@github.com` ? — Dunatotatos, Feb 28 '16 at 07:49

Jakuje · Accepted Answer · 2016-02-28T10:59:08.937

4

debug1: Skipping ssh-dss key /home/MyUser/.ssh/id_dsa for not in PubkeyAcceptedKeyTypes

You generated dsa key, which is not supported by default. You need to add

PubkeyAcceptedKeyTypes +ssh-dss

into your ~/.ssh/config, or rather generate standard RSA keys, which work without issues.

edited Feb 28 '16 at 10:59

answered Feb 28 '16 at 10:45

Jakuje

24,773
12
69
75

I get `Bad key types '+ssh-dsa'. ` after adding that line to config – Shabar Feb 28 '16 at 10:57
sorry, `dss` should be there. Fixed now. – Jakuje Feb 28 '16 at 10:59

score 2 · Answer 2 · answered Feb 28 '16 at 08:11

2

because it seems you're using dsa not the default rsa. you need to add a line to enable it in you ssh client config.

below are the message that I retrieved from this link

rsa support is on by default but dsa/dss support is enabled by the following:

Add line in your ssh client "config" file.

PubkeyAcceptedKeyTypes ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2

-Name the config file "config" and place it in the users home directory/.ssh in windows. /users/myname/.ssh/config

in the current build, the client config file is to be named ssh_config instead of "config"

The sshd server side should also have the following entry in sshd_config file: PubkeyAcceptedKeyTypes ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2 restart the sshd server after making these changes

answered Feb 28 '16 at 08:11

kucing_terbang

4,991
2
22
28

In my case since I am using `Cygwin ` , Should I update config file under `C:\cygwin64\home\MyUser\.ssh `? as I have few other `.ssh ` folders as well. Further since I am connecting to `github ` my account how I am doing the last step in your solution? – Shabar Feb 28 '16 at 08:22
@MPH : yes, I think it should be in `C:\cygwin64\home\MyUser\.ssh`. For the second question, I think you can skip the last step because, it seems that github able to accept dsa key. (https://help.github.com/articles/what-are-github-s-ssh-key-fingerprints/) – kucing_terbang Feb 28 '16 at 08:31
I added the mentioned line with `# ` in front, because otherwise I get error ` /home/MyUser/.ssh/config line 49: Bad key types 'ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2'. Further copy `ssh_config ` from `/etc ` to `.ssh ` folder and change the name to `config ` as specified. still same output for `$ ssh -v -T git@github.com `. Am I doing anything different? – Shabar Feb 28 '16 at 08:44
hmmm, can you try to run `ssh -Q key` to check what kind of key types that your client supported? – kucing_terbang Feb 28 '16 at 09:24
` $ ssh -Q key ssh-ed25519 ssh-ed25519-cert-v01@openssh.com ssh-rsa ssh-dss ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-rsa-cert-v01@openssh.com ssh-dss-cert-v01@openssh.com ecdsa-sha2-nistp256-cert-v01@openssh.com ecdsa-sha2-nistp384-cert-v01@openssh.com ecdsa-sha2-nistp521-cert-v01@openssh.com ` – Shabar Feb 28 '16 at 09:40
seems that `ecdsa-sha2` key type is not supported in your current version. Could you try to remove the value and try again – kucing_terbang Feb 28 '16 at 12:03

git permission denied (publickey) when verify connection

2 Answers2