Am I being denied permission because of the network I'm working in?

Ian Cameron May 29, 2015

Hello,

     I have an issue regarding authentication when trying to connect to bitbucket. I have followed the documentation for SSH Git on Windows 7 a few times now just to ensure I have not made any mistakes (as far as I know).

I  am using the following.

GitBash, its default key generator (private/public pair), and Windows 7.

My config file is in my /.ssh folder, my .bashrc (along with the code) is outside of /.ssh (which means it's in my user folder), I have added the identity (id_rsa) by using ssh-add -l successfully. I copy and pasted my public key into my bitbucket account (Add key).

After all that, I've entered ssh -T git@bitbucket.org and this is what I get.

 

$ ssh -Tv git@bitbucket.org
OpenSSH_6.6.1, OpenSSL 1.0.1m 19 Mar 2015
debug1: Connecting to bitbucket.org [142.183.198.147] port 22.
debug1: Connection established.
debug1: identity file /c/Users/ian.cameron/.ssh/id_rsa type 1
debug1: identity file /c/Users/ian.cameron/.ssh/id_rsa-cert type -1
debug1: identity file /c/Users/ian.cameron/.ssh/id_dsa type -1
debug1: identity file /c/Users/ian.cameron/.ssh/id_dsa-cert type -1
debug1: identity file /c/Users/ian.cameron/.ssh/id_ecdsa type -1
debug1: identity file /c/Users/ian.cameron/.ssh/id_ecdsa-cert type -1
debug1: identity file /c/Users/ian.cameron/.ssh/id_ed25519 type -1
debug1: identity file /c/Users/ian.cameron/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH_4* compat 0x00000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 1c:20:0a:1b:54:1a:bc:4c:40:cd:28:53:a7:94:09:5d
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /c/Users/ian.cameron/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/ian.cameron/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /c/Users/ian.cameron/.ssh/id_dsa
debug1: Trying private key: /c/Users/ian.cameron/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/ian.cameron/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).

I'm trying to login to bitbucket with a work laptop from a corporate network, and I'm wondering if there's something blocking me such as an anti-virus, or a firewall or something. The reason I ask this is because I tried the exact same method from my own personal computer and it worked perfectly on the first try in Windows 8.1

2 answers

0 votes
jredmond
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 29, 2015

That isn't Bitbucket's IP. Is there something on your network restricting outbound SSH connections? What happens when you try this command instead?

ssh -Tvvv -p 443 git@altssh.bitbucket.org
Ian Cameron May 29, 2015

I believe there is, I'm working under a corporate network so I suspect that's the culprit, unfortunately due to policy I cannot configure the proxy. I've tried the command you gave me and this is what happens. $ ssh -Tvvv -p 443 git@altssh.bitbucket.org OpenSSH_6.6.1, OpenSSL 1.0.1m 19 Mar 2015 debug2: ssh_connect: needpriv 0 debug1: Connecting to altssh.bitbucket.org [142.183.198.147] port 443. debug1: Connection established. debug3: Incorrect RSA1 identifier debug3: Could not load "/c/Users/ian.cameron/.ssh/id_rsa" as a RSA1 public key debug1: identity file /c/Users/ian.cameron/.ssh/id_rsa type 1 debug1: identity file /c/Users/ian.cameron/.ssh/id_rsa-cert type -1 debug1: identity file /c/Users/ian.cameron/.ssh/id_dsa type -1 debug1: identity file /c/Users/ian.cameron/.ssh/id_dsa-cert type -1 debug1: identity file /c/Users/ian.cameron/.ssh/id_ecdsa type -1 debug1: identity file /c/Users/ian.cameron/.ssh/id_ecdsa-cert type -1 debug1: identity file /c/Users/ian.cameron/.ssh/id_ed25519 type -1 debug1: identity file /c/Users/ian.cameron/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1 ssh_exchange_identification: Connection closed by remote host

jredmond
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 29, 2015

That's still not the right IP - it should be 131.103.20.174. You'll need to talk to your network team to see if they'll permit the traffic. Otherwise, you may be able to connect using HTTPS.

0 votes
Daniel Wester
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 29, 2015

It looks like it's able to communicate with bitbucket. Silly question - did you upload the key to bitbucket?

Ian Cameron May 29, 2015

Yes, I used either cat ~/.ssh/id_rsa.pub or just viewed the file in .txt format, copied the key and pasted it in the SSH key section on the website. I only have one public key listed in my account. I was wondering if it's possible that it could be a proxy configuration, maybe I have to use an alternate port?

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events