Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Access Keys not working

Hello,

I'm unable to clone my repository using access keys.

Details:
1 - create repository on bitbucket

2 - create new ssh key on my AWS server "ssh-keygen"

3 - Go to access keys section in repository settings and add the new public key (id_rsa.pub)

4 - copy/paste the clone line from bitbucket (git clone git@bitbucket.org:xxx/xxx.git)

I get "git@bitbucket.org: Permission denied (publickey)."

I've run the clone in verbose, and also checked with ssh -T.  No matter what I try, I get a permission denied.  However, the correct public key IS setup as the repository access key.

Can anybody help with some troubleshooting steps?

Thanks!

1 answer

1 accepted

1 vote
Answer accepted

Hello,

A few things to check:

1. What is the output of the following command, executed on your AWS server:

ssh -Tvvv git@bitbucket.org

This will give us verbose output and should show us what repos this access key has access to, or if authentication fails, an indication of what may be going wrong. If you could copy-paste it here, I can take a look.

2. Could you perhaps share the public SSH key, so I can check in our system and see what repos it is associated with?

3. What are the permissions of the .ssh directory, the private and the public key on the AWS server?

4. Do you have more more than one SSH key pairs in the .ssh directory?

5. Another thing to check would be the config file in the .ssh directory, see if there is any entry for bitbucket.org, specifying an IdentityFile other than the one you generated?

Kind regards,
Theodora

Hi Theodora,  Thanks for the help. 

I'll respond to your questions in order

1) Output is pasted here: https://pastebin.ubuntu.com/p/WCQyhTzNXF/ 

 

2) Public key is:  

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfn+yjPwwsXA90mDi1N6OoMSntxyFjdqT3yw0BQQZIsi58zp1hib9NqV3+MBU/nvLMaccvsoWyNx+Wq6DOZB9Z0a7N/3/wpWWPuoQLx3uHcla/PznSxPkfXkJIG43udrdTY+QnQnMa9/4xEjOpu4cAu5aHlUIUohLolk+4moYLALFJ4PqF02vCEuFfTq5bkVqq3jKGVlbf+IwlcSU1H25KEhcdygiQHQz73rx639uOEENe6zX4E+o4s4QX1pdmSc8WHxUpbRs+yQmYzyQWfW/nDDhZ06nYKZv0tmxXx5Kkbdbs55vbgDgj+2jXpkhOsBhK6clkY6mfuydOT+9nuuU1JINHe+hpk5s6LxOGFlZGC7jYkGpgmzpz0LozKTZ8AWn8gCqZcfZLP1FLxrxsJCfBgnMIpLYUIgpDvwWkk//cAMqTfGSc3VngZGgHbc/kB8L3Pk54bL/0g5E4b9qx/hiR8WHShTfMWUCpXcAPYVODRNImnAZPQYfLvBmTHRDPVR8=

 

3) .ssh directory permissions are:  drwx------

 

4) There is only one key in the .ssh directory

 

5) No config file in the .ssh directory.

 

Note:  The public key I pasted above is set at the Access key for the repository that I want to clone.  (It is NOT set as SSH key for user account.  I've use this same setup for other projects and never had a problem before. )

Thank You!

Hello,

Thank you for the info. Looking at the verbose output, I believe the line that indicates the issue is the following one:

debug1: send_pubkey_test: no mutual signature algorithm

after the public SSH key is offered.

I see similar issues reported by other users also from Fedora, and the issue seems to be related to the PubkeyAcceptedKeyTypes in the client machine, as certain types may not be included in the configuration.

If you'd like to attach here the following two config files from that server, I can have a look:

  • /etc/ssh/ssh_config
  • /etc/crypto-policies/back-ends/openssh.config

In most cases the issue is resolved by adding a config file in the .ssh folder with the following content:

Host bitbucket.org
    Hostname bitbucket.org
    IdentityFile ~/.ssh/id_rsa
    PubkeyAcceptedKeyTypes +ssh-rsa

or the following:

Host bitbucket.org
Hostname bitbucket.org
IdentityFile ~/.ssh/id_rsa
PubkeyAcceptedKeyTypes +rsa-sha2-256,rsa-sha2-512

So you can give it a try with creating a config file in the .ssh folder and then see if you are able to connect to Bitbucket, please feel free to let me know how it goes.

Kind regards,
Theodora

Brilliant!

That fixed it.  Thank you very much!

That's great to hear, you are very welcome!

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

New improvements to user management in Bitbucket Cloud 👥

Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...

3,821 views 10 16
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you