1

I am new to gitlab and this is my first time using ssh. I could generate ssh key and add it into my account settings. I could clone the repo via ssh, I could checkout to my branch, but thing I still cannot do is push my change to the branch. Here is the step by step I generate the ssh key until I try to push it (by following instruction in here):

PS. I am using windows 10.

  • on terminal (as admin), type: ssh-keygen -o -t rsa -b 4096 -C "myemail@example.com".
  • Press Enter for default path of the ssh key
  • Provide password
  • Create config file in ~/.ssh/. Here is what I wrote in the config file:

Host ahostname Hostname myhostname.com User mygitlabusername Port port PreferredAuthentications publickey IdentityFile ~/.ssh/id_rsa

  • copy the ssh key with this command: cat ~/.ssh/id_rsa.pub | clip
  • Placed the ssh key into my account settings
  • Then, run ssh -T git@myhostname.com, and here is the result:

The authenticity of host '[myhostname.com]:port ([123.456.789]:port)' can't be established. ECDSA key fingerprint is SHA256:xxxx. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[myhostname.com]:port ([ipofmyshost]:port)' (ECDSA) to the list of known hosts. Enter passphrase for key 'C:~/.ssh/id_rsa': Welcome to GitLab, <myusername>!

  • Then I try to clone a repo: git clone ssh://git@myhostname.com/repo.git
  • But, apparently, when cloning, it refer to another IP address. For example, let say ipofmyhost on the ssh -T git@myhostname.com is 123.456.789. Then, when I cloning, the IP is changed to 123.456.781 (sorry I am afraid I couldn't mention the real IP). So, here is what I got when try to cloning the repo:

Warning: Permanently added the ECDSA host key for IP address '[123.456.781]:port' to the list of known hosts. Enter passphrase for key '/c/.ssh/id_rsa':

  • But, the clone done, then I checkout to my branch with git checkout mybranchname
  • Now, I am in my branch. Make little change. Try to push, but here is the error I got:

git@myhostname.com: Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.

What I missed here? I found this question but sorry I do not understand what the accepted answer suggest me to do to solve this.

update

I've try to re-clone again, but before it, I delete all known_host. Then, do git clone again without testing with ssh -T git@myhostname.com to avoid creating new IP address. But, I still got the same error when push my branch even no new ip address added to the known_host.

Akza
  • 1,033
  • 3
  • 19
  • 37

1 Answers1

0

Try again, for testing, with an SSH key created without a passphrase.

Or, first, make sure you have added your key to an ssh-agent with ssh-add.
See "Working with non-default SSH key pair paths"

You can "Auto-launching ssh-agent on Git for Windows" (GitHub instructions, but valid for GitLab as well)

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • I've try with ssh-add but when it executed, the result is "No such file", but I am 100% sure that the file exist. So, I try to create new SSH key without passphrase, AND IT WORKED!!!! Did you know why this happened? I think, by providing password it will be more secure, right? – Akza Jul 14 '19 at 04:48
  • @Akza Following https://help.github.com/en/articles/working-with-ssh-key-passphrases#auto-launching-ssh-agent-on-git-for-windows, `ssh-add` is used with your private key as parameter: `ssh-add ~/path/to/my_key`. But when you have no passphrase to begin with... this is simpler! – VonC Jul 14 '19 at 04:58
  • well, yeah, it much simpler, hahah. But, may I ask one another thing, please? could I use same key for two devices? Let say I generate the first key on windows and now its successfully linked. Now, I want my mac also have access to the repo. Do I have to generate new key on my mac and add it to my profile again? or can I copy the key from my windows to my mac? so I dont have to add new ssh key to my account – Akza Jul 14 '19 at 05:05
  • @Akza It is better to generate a new key for the second device, rather than copying the first key. That is because those keys are *private*: as long as they are copied aournd... they are "less private". – VonC Jul 14 '19 at 05:08
  • @Akza Plus, you can easily revoke one, without invalidating access for every device. – VonC Jul 14 '19 at 05:08