3

After installing git on my new work computer, generating my ssh key and adding it on gitlab, I'm trying to clone a project but I get the following error:

ssh: connect to host <private-domain>.com port 22: Connection timed out
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

I've also tried the command to just test the ssh connection with the verbose option and I get this:

$ ssh -Tvvv appgit@<private_domain>.com
OpenSSH_8.8p1, OpenSSL 1.1.1m  14 Dec 2021
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/h/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/h/.ssh/known_hosts2'
debug2: resolving "<private_domain>.com" port 22
debug3: resolve_host: lookup <private_domain>.com:22
debug3: ssh_connect_direct: entering
debug1: Connecting to <private_domain>.com [<serv.ip.add.ress>] port 22.
debug3: set_sock_tos: set socket 4 IP_TOS 0x48
debug1: connect to address <serv.ip.add.ress> port 22: Connection timed out
ssh: connect to host <private_domain>.com port 22: Connection timed out

I know the domain exists, ping <private-domain>.com works. I don't think it's a proxy issue because I'm not connecting with http or https.

None of the fixes in this answer changed anything. (I'm on Windows)

I've noticed that if I delete my keys in my ~/.ssh folder, I get the same error, which makes me think this is a key problem and not a network problem. How can I be sure git is using the right key?

I've tried ssh-keygen -lf ~/.ssh/id_rsa -E md5 to see if the fingerprint matches the one on gitlab (it does) but that only gives me the one in the folder, not necessarily the one git uses. Git-gui Help>Show SSH Key does show my key correctly though.

Teleporting Goat
  • 417
  • 1
  • 6
  • 20
  • "timed out" errors generally mean you're dialing the Internet-phone and getting dead silence back: it's not giving a busy signal, you don't get a "boo-bah-beep! the number you have dialed is not in service", nobody's saying hello, just ... nothing. Perhaps your phone doesn't work. Perhaps the wires are cut. There are many possibilities. – torek Feb 17 '22 at 02:30
  • The fact that ping works to a related name is promising. Use whatever network diagnostic tools you have to trace the ssh packets. Watch on both sides (your end, the server host). Then work your way into the middle to see where things are going wrong. – torek Feb 17 '22 at 02:31

3 Answers3

2

Double-check that:

  • the remote server at least answer on port 22

      curl -v telnet://<private_domain>.com:22

(the connect to address <serv.ip.add.ress> port 22: Connection timed out part seems to indicated that either the remote server does not listen, or the local server block any egress SSH connection)

  • the remote GitLab server is indeed configured with a technical account named appgit: the default account usually used is git.
    Just in case, test it again with ssh -Tvvv git@<private_domain>.com

And make sure your key is using the default naming scheme (like ~/.ssh/id_rsa[.pub])

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • `appgit` and `git` give the same results. The weird thing is that if I delete my keys from my `.ssh` folder, I get the same timeout error (there's no "authentication failed" or "ssh key not authorized" error or anything like that). This leads me to believe it's a key problem and not a network problem. How do I know git is actually using the right key in the right folder? – Teleporting Goat Feb 17 '22 at 09:10
  • 2
    @TeleportingGoat That means Git does not even get the opportunity to use the right key: a network issue prevents it to contact port 22 on the remote side. – VonC Feb 17 '22 at 16:44
1

I solved this by deleting lines in ~/.ssh/known_hosts. Delete all host or ip related to the address.

www.####.com,xx.xx.xxx.xxx
10.15.##.## ssh-rsa AAAAB3NzaC1yc2EA
gfan
  • 1,027
  • 1
  • 14
  • 28
-1

If you are using gitlab which is running on custom domain you can do following

  • add your git private key to ssh-agent on local machine by doing ssh-add
  • add following config file to your current user home dir. (~/.ssh/config, update the parameter accordingly)

Host gitlab
    HostName mycustomgitlabdomain.com
    User my-git-user
    IdentityFile ~/.ssh/my_private_key

Further, check following

  • Are you able to do SSH on remote server using any user ?
  • Check firewall rules, if you have any blocking there
  • Check the access by replacing domain name with IP address
  • Check SSH port of remote server (possible SSH service might be configured to run on different ports)
ras
  • 618
  • 8
  • 15
  • This has nothing to do with the key, as no connection is being established where the client and the server can even *begin* to authenticate. – chepner Jul 30 '22 at 15:25
  • @chepner , if you look in comments the OP has query on, is git using correct key or not. he can check the key mapping if he have any. That's i've explain in my answer. Apart from keys part i've mentioned the other troubleshooting points. :) – ras Jul 30 '22 at 15:47