I have a source repository setup in a project. I have my main admin user and I created a second user (did try a service account at first) and gave that user "Project Owner" access on the project with the source repo.
I created an SSH key on my local machine by running: ssh-keygen -t rsa -P "" -C "user@domain.com" -f "mysshfile"
I created a config file in my.ssh folder:
Host source.developers.google.com
HostName source.developers.google.com
Port 2022
IdentityFile /Users/XXXXX/.ssh/mysshfile
I copied the contents of my mysshfile.pub and registered it with Cloud repo SSH keys.
When git clone as the my second user it fails with the error message of: Permission denied (publickey) . When I git clone as my main admin user, it works.
So I ran the ssh command with verbose to check: ssh -p 2022 -l admin@domain.com -v source.developers.google.com
, I get:
........
debug1: Offering public key: /Users/xxxxxx/.ssh/mysshfile RSA SHA256:U+XREDACTED explicit
debug1: Server accepts key: /Users/xxxxxx/.ssh/mysshfile RSA SHA256:U+XREDACTED explicit
debug1: Authentication succeeded (publickey).
Authenticated to source.developers.google.com ([74.125.197.82]:2022).
When I run the same command as my test user: ssh -p 2022 -l test@domain.com -v source.developers.google.com
, I get:
debug1: Offering public key: /Users/xxxxxxx/.ssh/mysshfile RSA SHA256:U+XJREDACTED explicit
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
test@domain@source.developers.google.com: Permission denied (publickey).
I can't figure out why the git clone using ssh works for one user (the one I don't even want) and not another?
You need to add the following line into your config file:
PubkeyAcceptedKeyTypes +ssh-rsa
So it should now be:
Host source.developers.google.com
HostName source.developers.google.com
Port 2022
IdentityFile /Users/XXXXX/.ssh/mysshfile
PubkeyAcceptedKeyTypes +ssh-rsa
On the verbose mode you will see the following lines:
debug1: send_pubkey_test: no mutual signature algorithm
It means that ssh-rsa
algorithm was disabled. Which can be re-enabled as explained here .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.