• Tìm kiếm

Permission denied (publickey) | Bitbucket Cloud

  • 10,000
  • Tác giả: admin
  • Ngày đăng: 06:05 11/12/2024
  • Lượt xem: 10
  • Tình trạng: Còn hàng

Platform Notice: Cloud - This article applies lớn Atlassian products on the cloud platform.

Problem

When attempting lớn clone, push or pull over SSH with Git, you receive the message

Permission denied (publickey).

OR

remote: Permission denied (publickey)

OR

abort: Permission denied: (project name)

Diagnosis

You are receiving this message because Bitbucket Cloud could not authenticate you with any of the keys that were offered lớn it by your SSH agent. To verify this is the case, bởi the following 

ssh -t -vvv [email protected]

This will attempt lớn create a connection lớn Bitbucket Cloud for git. You should receive a response similar lớn the following if your key is correctly loaded

$ ssh -t -vvv [email protected] 
authenticated via ssh key.

You can use git lớn connect lớn Bitbucket. Shell access is disabled

From here you can proceed with your work as normal. If you bởi not see a message similar lớn the above, read on.
If you see the message "debug3: no such identity: : No such tệp tin or directory" refer lớn Error "No such tệp tin or directory" when running verbose git SSH commands.

Resolution

This can be caused by a couple of factors, but these are the most common:

- Your public key isn't loaded into Bitbucket Cloud

To kiểm tra lớn see if your public key is loaded into Bitbucket Cloud, bởi the following:

  1. Open a browser and log into Bitbucket Cloud.
  2. Select the Settings cog and select Personal Bitbucket settings from the profile menu

    The system displays the personal settings page.

  3. Click SSH keys in the Security section.
    The SSH Keys page displays. It shows a list of any existing keys. Alternatively, you can directly access this URL - https://bitbucket.org/account/settings/ssh-keys/ lớn list/add/delete SSH keys under your profile. 

  4. If you bởi not have any keys listed, follow Set up an SSH key to mix one up.

If your SSH agent doesn't know how lớn offer Bitbucket Cloud a key, the connection will fail. To find out what keys your SSH Agent currently is offering, and add them, bởi the following:

Windows
  1. Double-click Pageant lớn view loaded keys (Pageant is a PuTTY authentication agent).
  2. Click 'Add Key' lớn add any key not found in the list.

If you see an invalid format error, make sure you remove all of the new line characters and spaces from the key.  In the example above, the last character should be 6.

On GitBash, MacOS or Linux


Then, if you don't see your key listed, add it by 

Remember that if the key was generated with a different name you should change the 'id_rsa' on the command lớn the name of the key. For more information, kiểm tra out our full Troubleshoot SSH issues guide.

- Your identity isn’t loaded into PuTTYgen 


If using PuTTYgen application:

  1. Open PuTTYgen;

  2. Click on ‘File > Load private key’;

  3. Choose your *.ppk tệp tin from a directory;

  4. Click on ‘Conversions > Export OpenSSH key’;

  5. Save the tệp tin in ‘C:\Users\\.ssh thư mục with 'id_rsa’ name.

- Git bash for Windows/Pageant is not using the correct keys 

This can be confirmed by running the following command:

If you see that your SSH agent isn’t using the key you want lớn, it’s likely because of Windows Environment Variables. To configure those, follow the steps outlined below:

1. Access your Environment Variables by opening up System Properties and navigating lớn Advanced System Settings
2. Add a new System variable with the following structure

Variable Name: GIT_SSH
Variable Value: full path lớn pageant.exe (you may also have plink.exe, puttygen.exe and other agents, i.e. C:\Program Files (x86)\Atlassian\SourceTree\tools\putty\plink.exe)

(info) An easy way of finding the path for the agent is lớn open Task Manager, find the process, and open the thư mục location lớn get the path lớn your agent.

After creating the new variable make sure lớn restart your terminals so sánh that they receive the new values. If you’re running bash from an IDE, make sure lớn restart the IDE itself as well.

- You bởi not have permission lớn create the repository on your local filesystem

If you get the error "Permission denied", it is also possible that git doesn't have permission lớn create the project thư mục locally. Check permissions for the directory where you're attempting lớn kiểm tra out the project, and make sure you have write access.

- Your private key tệp tin permissions are too open

Your ssh-agent might not use your private key if the tệp tin permissions for your private key are too open. The key needs lớn be read-writable only lớn you:

On GitBash, MacOS, or Linux
Alternatively the key can be only readable lớn you:
On Windows

File permissions can be mix by right-mouse clicking on the relevant tệp tin, going into properties, and then selecting the "Security" tab, leaving only the SYSTEM, Administrators, and the user as read-writable lớn.

- Your security algorithm has been deprecated or is different kêu ca Bitbucket’s accepted methods 

This can be confirmed by running the following command:

If you see the debug1: send_pubkey_test: no mutual signature algorithm message then this is the case.

The RSA SHA-1 hash algorithm is being quickly deprecated across operating systems and SSH clients because of various security vulnerabilities, with many of these technologies now outright denying the use of this algorithm.

(info) For example - here is the announcement from OpenSSH regarding their upcoming deprecation of the ssh-rsa algorithm.

If you are using an operating system or SSH client whose version has this algorithm disabled, any SSH keys previously generated using this algorithm may no longer be accepted by these technologies. 

If you are getting an error in Pipelines while using an RSA key, it might be because the Pipelines image is using an older version of OpenSSH that still uses SHA1 as the mặc định algorithm for RSA keys. Switch your image to atlassian/default-image:4 with the following line in your bitbucket-pipelines.yml tệp tin -

image: atlassian/default-image:4

The default-image:4 is based off of Ubuntu 22.04 which has a newer version of OpenSSH installed that uses SHA256 instead of SHA1 for RSA keys. This is a more secure algorithm and accepted everywhere. If you bởi not specify any image, atlassian/default-image:1 is used which uses an older version of OpenSSH that still uses SHA1 for RSA keys.


The preferred resolution is lớn re-generate the keys using an updated algorithm, which can be done using the following command:

ssh-keygen -t ed25519 -C "[email protected]

If generating a new key doesn’t work, you can also re-enable the RSA algorithm by adding the following line lớn your ssh-agent config file:

PubkeyAcceptedKeyTypes +rsa-sha2-256,rsa-sha2-512

The config tệp tin can usually be found on the following path: ~/.ssh/config

If none of the solutions above worked you can always tương tác our tư vấn team via the tư vấn portal at https://support.atlassian.com/. Feel không tính phí lớn open a ticket with us containing as much information as possible, especially which repository are you trying lớn access as well as your public SSH key, which can be found by using the following command:

This will copy the contents of your public SSH key and will be ready lớn be pasted on the tư vấn ticket.