1

SSH commits to Github do work with my current setup. I use this recommended script to trigger the password prompt:

#!/bin/bash
 
eval $(ssh-agent -s)
ssh-add ~/.ssh/github_ssh_private_key

However, ever since I switched to Emacs' Magit, password prompting simply didn't happen, I still don't know why. Apparently, the recommendation to fix this is to use a ~/.ssh/config file — I use Artix Linux. Currently, my config file looks like this — even though I've tried many, many other variations —:

Host github.com
  HostName github.com
  IdentityFile /home/philippe/.ssh/github_ssh_private_key

This simplifies the workflow overall, as a prompt now appears both in the terminal and on Emacs, i.e. I don't have to run the eval ... ssh-agent script anymore. However, typing my correct password simply doesn't achieve anything, the prompt reappears on the line below endlessly.

Strangely, the password/passphrase prompt changes slightly across the mentioned use cases:

Enter passphrase for /home/philippe/.ssh/github_ssh_private_key:       # with the eval script
Enter passphrase for key '/home/philippe/.ssh/github_ssh_private_key': # With the `config` file

I've seen a bazillion posts on the internet about this topic, but haven't found anything official or standardized about it so far. These are my references so far:

Philippe Fanaro
  • 6,148
  • 6
  • 38
  • 76
  • Does a regular `git pull` work? The files in the prompt and in the configuration seem to differ; are all paths correct? What's the output in Magit's log (`$`)? – Zeta May 06 '21 at 20:15
  • `git pull` and `git clone` both seem to be working fine. Sorry for the typo in the filenames, `github_ssh_private_key` was supposed to be a friendlier version of `github_ssh`. I'm also going to include Magit's output next. – Philippe Fanaro May 06 '21 at 20:29
  • Magit actually enters the same prompt loop. Or, if I remove the `config` file, it returns a fatal error saying that I didn't have the necessary permissions to manage the repo. – Philippe Fanaro May 06 '21 at 20:31
  • "since I switched to Emacs' Magit, password prompting simply didn't happen" -- did you start Emacs in the environment which knew about your ssh-agent? E.g. after running `eval $(ssh-agent -s)` did you then run `emacs` in the same terminal? (Or otherwise import the ssh agent environment variables into Emacs -- you could also use `M-x setenv`). – phils May 07 '21 at 00:03
  • @phils, I had not tried that. But, now that I did, it does work! Thanks. But how would I simplify this setup? How exactly could I share this `ssh-agent` with Emacs? Can it be done without launching it from a terminal? – Philippe Fanaro May 07 '21 at 00:56
  • Opening a terminal within Emacs and using the whole `eval $(ssh-agent -s)` ordeal doesn't seem to work though. – Philippe Fanaro May 07 '21 at 00:56
  • I'm not an emacs expert, and you should find someone who is for an "emacs-y" solution, but the root of the problem here is that when you use a service-enabled emacs, running `emacs somefile` ends up sending a request to the existing, already-open emacs to edit that file, rather than actually editing that file. The existing, already-open emacs has to have the right environment setup to talk to the ssh agent (because magit runs in *that* emacs, not the one you think you're using!). – torek May 07 '21 at 01:40
  • One approach is to run the ssh-agent as part of your GUI login session, so that it's visible in the environment inherited by every process started within that session. Failing that, you can arrange that your shell config will always configure/talk to a single common agent, so that anything you do from a shell will automatically know about that agent. I believe that https://www.funtoo.org/Keychain can help you with that. – phils May 07 '21 at 03:38

1 Answers1

0

That needs to work in a terminal first, before Emacs.

I would add to the config file a User git line.

Once that is working, then you can check your Emacs/Maggit configuration and see if that helps.

Philippe Fanaro
  • 6,148
  • 6
  • 38
  • 76
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Why would you need to add `User git`? I had tried with or without it and it didn't seem to make a difference. And the `ssh-add` comment is because I made another typo, which I've just fixed, I think. – Philippe Fanaro May 07 '21 at 20:02
  • @PhilippeFanaro It is just good practice: the user should always be `git` when it comes to SSH access to `github.com` – VonC May 07 '21 at 20:03
  • And where does that good practice come from? Is that something you picked up from your experience? Is there documentation about it somewhere about it? – Philippe Fanaro May 07 '21 at 20:15
  • @PhilippeFanaro I understand this is frustrating, and hope you will find a solution. Documentation: https://stackoverflow.com/a/7927828/6309 and https://blog.mattclemente.com/2020/09/15/multiple-github-accounts-wildcard-ssh-config-identityfile.html – VonC May 07 '21 at 21:46
  • I don't know if my last message was misinterpreted but I didn't mean to lash out on anyone here. It's just that I find quite ridiculous that there are so many devs working out dissonant solutions to this problem and I can't seem to find a simple enough solution and explanation for all of its parts. Things look at best as someone trying to reverse-engineer the problem. It's 2021 and users have to scour the internet in order to find out how to do something which should be easily found in the Git or Github documentation. – Philippe Fanaro May 08 '21 at 14:10
  • I'd say this is based on Github's SSH addresses being `git@github.com:...` which is indeed specifying a user named `git`; so the config is consistent with that... *but* as github always makes that username explicit in the SSH remote addresses it displays, I suspect you'd need to go out of your way to make a SSH connection to github with any *other* username. – phils May 12 '21 at 03:16