Adding and using SSH Key works, then is rejected every few days

Hi Ana

Thanks, it happened again this Monday morning, however I manually created my SSH key again before seeing this. I'll paste the output below anyway, but if it doesn't tell you anything I'll wait until it happens again and get a dump of these commands again *before* I fix.

ssh -TV git@bitbucket.org:

OpenSSH_7.6p1, LibreSSL 2.6.2
debug1: Reading configuration data /Users/jason/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to bitbucket.org port 22.
debug1: Connection established.
debug1: identity file /Users/jason/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6
debug1: Remote protocol version 2.0, remote software version conker_1.1.8-82b4337 app-126
debug1: no match: conker_1.1.8-82b4337 app-126
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /Users/jason/.ssh/known_hosts:30
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:yLHL2dwJn2HeE6I8VrBROhuuP64Ok6iQ+3lue9TqQHU /Users/jason/.ssh/plmtr-Bitbucket
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug1: Authentication succeeded (publickey).
Authenticated to bitbucket.org ([104.192.143.1]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = en_AU.US-ASCII
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
logged in as plmtr.

You can use git or hg to connect to Bitbucket. Shell access is disabled.
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 3412, received 2088 bytes, in 0.5 seconds
Bytes per second: sent 6583.0, received 4028.5
debug1: Exit status 0

ssh-add-L:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDtQ2oM21zCQaCNyYPHQSpcV6VbfoHOSu5UKub5+zzuOiNxeOn2nYlP6nfle+6YjbDfDFEMnnvviRYgA/kWBI5VrQqThz4izebc4+D8TzDcHrO1+qyWn6cf8iekzSWo83r73ndU0xhq9jaF3vabIyAt8zDd1qnMDGfrPApJmMiF/1yFwIy6ZCho60uyT9KsC4Ce2DU8vFb+6hr+CH4nTi+N7Fam8QRG04JFSf7J+t+EnqIyQCEKRgz4OGmpXbkLMc59ZDWIPEcbDiJEzqA5R5RyKMaJTk1485eKu5XBgLPpcIHhFxSrJTDvPcdvfjJRaKFoMXRiBqz5MfwsU7du3sjwm44OKr1K6E+bPme8TBqlbcn5ijVLbPyQnNNG1I9qksCs15yMUhA4/cy48A5VVLh1g9dS5byGPRLohQ2mz/VDCqE15UMi88YqV4XvO0uzCuyx7N4jEGCNQS4vD2UQ+qwIiGh6ieOKmHlNIfTA3CnhSUKJdCwKvKb9RlUTPb/d84GXVnjm0Pny7tfv43OlCRKyRDklwKDi4zaX7ZyLCjnuH/KWgpOCfcQivaEmFfvCcVkISokEkyr3jSBoP4Ch2bOMb3vwSYMAKJ2aBiD9wqwBL6xPuVE2tcLSGA/tLwbHAe6vmhb1DBTN8NzBcFvTD0gLJsN+b3vFca370OIvs96TUQ== /Users/jason/.ssh/plmtr-Bitbucket

Cheers - Jason

Hello. Okay Monday morning blues with this again. Before fixing here is the output of `ssh -Tv git@bitbucket.org`:

OpenSSH_7.6p1, LibreSSL 2.6.2
debug1: Reading configuration data /Users/jason/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to bitbucket.org port 22.
debug1: Connection established.
debug1: identity file /Users/jason/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jason/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6
debug1: Remote protocol version 2.0, remote software version conker_1.1.8-82b4337 app-126
debug1: no match: conker_1.1.8-82b4337 app-126
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /Users/jason/.ssh/known_hosts:30
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:OZ7sRLMNAr7DdXSUQINaiFGPr+aAcu3mu7fNOG71Y0c /Users/jason/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/jason/.ssh/id_dsa
debug1: Trying private key: /Users/jason/.ssh/id_ecdsa
debug1: Trying private key: /Users/jason/.ssh/id_ed25519
debug1: No more authentication methods to try.
git@bitbucket.org: Permission denied (publickey).

and then output for `ssh-add -L`:

The agent has no identities.

 Much appreciated! 

Hi Jason, thanks for that! This part of your message is key on finding out what's wrong:

That means that your SSH key agent is empty so there are no SSH keys it can offer to authenticate. As I mentioned in my first comment, there was a known issue with Mac not remembering the SSH keys (they get erased from the agent), you can find more info about it at MacOs Sierra doesn't remember SSH keys between reboots.

If you need more assistance with that, I'd recommend you to contact Apple support so they can propose a workaround on how to enter the SSH keys so they don't get erased. 

If you don't use MacOS, and thus the previous article doesn't affect you, please let us know and we'll continue helping you.

Cheers!

Ana