2

I have followed the process described in Multiple GitHub Accounts & SSH Config (stefano's answer) and have set up SSH access to multiple repositories using deploy keys. I've tried that on repositories of a specific GitHub organization and it works fine - I can pull and push changes. I've also tried this on my user area and it still works great.

However, when trying this on repositories in another GitHub organization (e.g. when doing a git push) it fails with the following error

ERROR: Permission to XXXX/YYYY.git denied to deploy key
fatal: Could not read from remote repository.

Please make sure you have the correct access rights

When checking SSH access through ssh -T I get

"Hi XXX/YYYY! You've successfully authenticated, but GitHub does not provide shell access."

which suggests that SSH should be working.

I have gone through the organization settings (main page for GitHub organization > Settings) and they have pretty much identical settings, except from what you would expect to be different e.g. contact email etc.

I was wondering if anyone has any ideas about what could be causing this. Are there any more organization settings somewhere by any chance?

Community
  • 1
  • 1
charisk
  • 3,190
  • 2
  • 24
  • 18

1 Answers1

0
ERROR: Permission to XXXX/YYYY.git denied to deploy key

This looks like you are trying to push using a deploy key. This key is used for deployment and therefore only to read-only access of your repository. Make sure you have the key which is enrolled in your github account, make sure it is used (IdentityFile in ~/.ssh/config) and get rid of the deploy key from the standard location which is picked by default (~/.ssh/id_{rsa,dsa,ecdsa,ed25519}). Note, that if there are more "valid" keys, only the firs succeeds.

Jakuje
  • 24,773
  • 12
  • 69
  • 75
  • Are you saying that deploy keys are only made for read only access? I've ticked the "Write access" checkbox and I've also got it to work on repositories of a different GitHub org. IdentityFile in the config is set as suggested. – charisk Dec 07 '16 at 21:20
  • Well, it would make sense to be readonly, but I see github supports also read/write deploy keys for some reason. But certainly checking that you are logging in with the expected key is a good start. Setting `LogLevel DEBUG3` in `~/.ssh/config` will help you with that. – Jakuje Dec 07 '16 at 21:26
  • Thanks for the pointers. I'd like it to have write access so that my build server can push changes e.g. version tags. So I can see the use case. However, I'm convinced this has nothing to do with my setup but with the GitHub settings. LogLevel shows that is getting the right key and that it authenticates fine, it's just that GitHub comes back with "Permissions to XXXX/YYYY.git denied to deploy key" for some reason. – charisk Dec 08 '16 at 11:35