3

I have configured OpenSSH to use a specific key when I login to github....

[mpenning@mudslide .ssh]$ pwd
/home/mpenning/.ssh
[mpenning@mudslide .ssh]$ ls -la | grep config
-rw-r--r--  1 mpenning mpenning  473 Jan 23 09:49 config
[mpenning@mudslide .ssh]$ head -n 4 config
Host gh
        HostName github.com
        User git
        IdentityFile ~/.ssh/id_rsa_github
[mpenning@mudslide .ssh]$

However, when I ssh to github without explicitly calling out github's private key on the CLI, authentication fails:

[mpenning@mudslide .ssh]$ ssh -F ./config [email protected]
Permission denied (publickey).    ^^^^^^^^ This used to work
[mpenning@mudslide .ssh]$

The only way I can force it to work is to explicitly call out the private key when I ssh...

[mpenning@mudslide .ssh]$ ls -la | grep github
-r--------  1 mpenning mpenning 3243 Nov 24  2016 id_rsa_github
-rw-r--r--  1 mpenning mpenning  743 Nov 24  2016 id_rsa_github.pub
[mpenning@mudslide .ssh]$ ssh -i ./id_rsa_github [email protected]
PTY allocation request failed on channel 0
Hi mpenning! You've successfully authenticated, but GitHub does not provide shell access.
Connection to github.com closed.
[mpenning@mudslide .ssh]$

My config file worked yesterday... I haven't changed anything in it. The config file already points to the correct private key.

Suddely, ssh seemingly ignores my github config. It never even tries the right private key...

[mpenning@mudslide .ssh]$ ssh -v [email protected] 2>&1 | grep github
debug1: Connecting to github.com [192.30.253.113] port 22.
debug1: Host 'github.com' is known and matches the RSA host key.
[mpenning@mudslide .ssh]$

Obviously this works, but I shouldn't have to use -i...

[mpenning@mudslide .ssh]$ ssh -i id_rsa_github -v [email protected] 2>&1 | grep github
debug1: Connecting to github.com [192.30.253.113] port 22.
debug1: identity file id_rsa_github type 1
debug1: identity file id_rsa_github-cert type -1
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Offering RSA public key: id_rsa_github
Authenticated to github.com ([192.30.253.113]:22).
Connection to github.com closed.
[mpenning@mudslide .ssh]$

My Questions:

  • What broke this?
  • How can I fix it?
Improve this question
3
  • Apart from what the answer says, you always use ssh-agent/ssh-add.
    – Daniel B
    Commented Jan 27, 2018 at 17:32
  • @DanielB, what advantage do ssh-agent / ssh-add have over my status quo
    – Mike Pennington
    Commented Jan 27, 2018 at 17:39
  • It’s simply a different way to deal with SSH public key authentication. It offers some minor benefits like having to enter a key’s passphrase only once (when calling ssh-add).
    – Daniel B
    Commented Jan 27, 2018 at 18:39

2 Answers 2

Reset to default
5

You're not calling to connect to the host you've defined in your config.

Use ssh gh not ssh .... [email protected]

But why? - See below:

[mpenning@mudslide .ssh]$ ssh -F ./config [email protected] Permission denied (publickey). ^^^^^^^^ This used to work

I don't think it ever did (did you check using history?). I think you used ssh -F ./config gh

You defined the host as gh in your config:

Host gh
        HostName github.com
        User git
        IdentityFile ~/.ssh/id_rsa_github

So you should simply be calling ssh gh. You can pass other arguments if you want to override what is in your config, such as if you wanted to use a different user however as you've set all the required variables you should just be using the Host variable and nothing more.

You shouldn't even need to pass the -F ./config to be honest.

Improve this answer
2
  • 1
    I cannot understand why this worked for months and failed today... but changing my config name from gh to github.com worked
    – Mike Pennington
    Commented Jan 27, 2018 at 17:37
  • Glad you got it sorted :)
    – djsmiley2kStaysInside
    Commented Jan 27, 2018 at 17:57
0

ensure your ~/.ssh/config is owned by your user and "staff" group (not root/root)

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .