Question 46355 in Debian Question posted in
The oficial documentation can be found here.

Authorizing to my git server with `.ssh/authorized_keys` does not work – Debian

I setup a git server 2.30.2 on my NAS with debian bullseye.

User is git with home directory /media/nas/programming/git_repos/ and shell /bin/bash.

home directory and all of its subdirectories/files are owned by git:git.

home directory has 770 permissions and directory .ssh inside home directory has 700 permissions.

I create a private/public key with command ssh-keygen -t ed25519 -C [email protected] (or on second try ssh-keygen -t rsa -C [email protected]).

Public key becomes /media/nas/programming/git_repos/.ssh/authorized_keys (git:git ownership, 400 permissions) and private key becomes c:/Users/<username>/.ssh/id_ed25519 (or on second try c:/Users/<username>/.ssh/id_rsa) on Windows PC.

On /etc/ssh/sshd_config I have a line AllowUsers root git ...

Now, with Git GUI, I am trying to connect to remote (lets say fetch) with url url = [email protected]:my_project.

Initially it asks for password to decrypt id_ed25519 (or on second try id_rsa).

Then it asks for password for [email protected] which means Git server does not count at all the .ssh/authorized_keys.

What I am doing wrong here?

update ssh -Tv [email protected] does not say so much:

 ....
 debug1: Authentications that can continue: publickey,password
 debug1: Next authentication method: publickey
 debug1: Trying private key: C:\Users\chameleon/.ssh/id_rsa
 debug1: Trying private key: C:\Users\chameleon/.ssh/id_dsa
 debug1: Trying private key: C:\Users\chameleon/.ssh/id_ecdsa
 debug1: Trying private key: C:\Users\chameleon/.ssh/id_ed25519
 debug1: read_passphrase: can't open /dev/tty: No such file or directory
 Enter passphrase for key 'C:Userschameleon/.ssh/id_ed25519':     <---- Here I give the password
 debug1: Authentications that can continue: publickey,password
 debug1: Trying private key: C:\Users\chameleon/.ssh/id_xmss
 debug1: Next authentication method: password
 debug1: read_passphrase: can't open /dev/tty: No such file or directory
 [email protected]'s password:    <---- Here I give the password. After that, connection established.
Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    Answer to my question:

    Fast: Change permissions of git home folder from 770 to 750.

    Bloated:

    As @VonC says above, I start a new sshd instance in port 12345 with debug 3 mode:

    sshd -p 12345 -ddd

    Then I replace my remote repository link inside MyProjectFolder/.git/config, from:

    [remote "MyNAS"]
        url = ssh://[email protected]:my_project

    to

    [remote "MyNAS"]
        url = ssh://[email protected]:12345/~/my_project

    and I try a fetch.

    sshd instance respond that git home folder does not have properly ownership and/or permissions.

    I change git home folder from 770 to 750 and now it works.

    PS: group writing set, because I user belong to git group and I was feeling that write access to git repo is a handy permission. Never mind. It is not so useful.


  2. 0

    Make sure you have the right permission on the remote side (NAS ~git): if anything if writable by "others", SSH will not consider the authorized_keys file.

    Then test your connection with ssh -Tv [email protected] and confirm your c:/Users/<username>/.ssh/id_ed25519 is considered and proposed.
    If it is, consider launching an sshd in debug mode on your NAS to see if any error message pops up during your ssh -Tv test command.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search