I have set up an SSH private/public key. Loaded the public key into my ACCOUNT in BitBucket. When I execute ssh -T git@bitbucket.org, I get:
logged in as bdlawrence13
You can use git or hg to connect to Bitbucket. Shell access is disabled.
However, when I attempt to push using Git GUI, I get the following error:
Pushing to git clone git@bitbucket.org:bdlawrence13/dwcprovisioning.git
git clone git@bitbucket.org: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I have no problem pulling from the repository IF I put the public key in the repository and not my account. But then, I still cannot push.
With the key in my account, I cannot pull or push from this repository, even though I own the repository.
When the key is in the repository and not my account I get the error:
Pushing to git clone git@bitbucket.org:bdlawrence13/dwcprovisioning.git
Unauthorized
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists..
The key in the repository, running ssh -T git@bitbucket.org I get:
authenticated via a deploy key.
You can use git or hg to connect to Bitbucket. Shell access is disabled.
This deploy key has read access to the following repositories:
bdlawrence13/dwcprovisioning
Cannot figure out how to resolve this.
Hello @Brian.Lawrence,
Thanks for reaching out.
So, let's go from top to bottom.
However, when I attempt to push using Git GUI, I get the following error:
Pushing to git clone git@bitbucket.org:bdlawrence13/dwcprovisioning.git
git clone git@bitbucket.org: Permission denied (publickey).
fatal: Could not read from remote repository.
This means that Git client didn't manage to find the key that matches the one registered in Bitbucket. One of the reasons why this can happen is that your SSH client is not aware of the private key which public pair of you registered in your Bitbucket account. There are other reasons, please check out this page.
A good thing to help the investigation would be to do the push with verbose logging. You can enable it with GIT_TRACE=1 GIT_SSH_COMMAND="ssh -vvv" env variables, but this might be tricky depending on which GUI tool you're using. It might be helpful to run a pish from command line first and make it work, then fix the set up of the GUI tool.
You can post the verbose log here so that I can point at what's wrong.
When the key is in the repository and not my account I get the error:
Pushing to git clone git@bitbucket.org:bdlawrence13/dwcprovisioning.git
Unauthorized
fatal: Could not read from remote repository.Please make sure you have the correct access rights
and the repository exists..The key in the repository, running ssh -T git@bitbucket.org I get:
authenticated via a deploy key.
This is expected. The keys added into the repository are called access or deploy keys – and they are only allowed to read the repository, .e.g clone/pull but not push. These keys are designed for external CI/CD tools to be able to fetch the repository without creating extra user accounts. They're not intended to be used for development against the repository.
So you need to have your key registered in your account, not in the repository. I believe there's something on your local env setup that prevents Git (well, actually SSH client) from using the right key.
Let mw know what you find.
Cheers,
Daniil
I ran the following two commands:
K126395@USLJYM84M2 MINGW64 ~
$ ssh -T git@bitbucket.org
logged in as bdlawrence13
You can use git or hg to connect to Bitbucket. Shell access is disabled
And the verbose one:
$ ssh -v git@bitbucket.org
OpenSSH_8.1p1, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to bitbucket.org [18.205.93.2] port 22.
debug1: Connection established.
debug1: identity file /c/Users/k126395/.ssh/id_rsa type 0
debug1: identity file /c/Users/k126395/.ssh/id_rsa-cert type -1
debug1: identity file /c/Users/k126395/.ssh/id_dsa type -1
debug1: identity file /c/Users/k126395/.ssh/id_dsa-cert type -1
debug1: identity file /c/Users/k126395/.ssh/id_ecdsa type -1
debug1: identity file /c/Users/k126395/.ssh/id_ecdsa-cert type -1
debug1: identity file /c/Users/k126395/.ssh/id_ed25519 type -1
debug1: identity file /c/Users/k126395/.ssh/id_ed25519-cert type -1
debug1: identity file /c/Users/k126395/.ssh/id_xmss type -1
debug1: identity file /c/Users/k126395/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.1
debug1: Remote protocol version 2.0, remote software version conker_31073e5a11 app-131
debug1: no match: conker_31073e5a11 app-131
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /c/Users/k126395/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /c/Users/k126395/.ssh/id_rsa RSA SHA256:ueM9uihOo1bIirJj71WCVWLFJm6gvy6ZyT9rnD57Fho
debug1: Will attempt key: /c/Users/k126395/.ssh/id_dsa
debug1: Will attempt key: /c/Users/k126395/.ssh/id_ecdsa
debug1: Will attempt key: /c/Users/k126395/.ssh/id_ed25519
debug1: Will attempt key: /c/Users/k126395/.ssh/id_xmss
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /c/Users/k126395/.ssh/id_rsa RSA SHA256:ueM9uihOo1bIirJj71WCVWLFJm6gvy6ZyT9rnD57Fho
debug1: Server accepts key: /c/Users/k126395/.ssh/id_rsa RSA SHA256:ueM9uihOo1bIirJj71WCVWLFJm6gvy6ZyT9rnD57Fho
debug1: Authentication succeeded (publickey).
Authenticated to bitbucket.org ([18.205.93.2]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
PTY allocation request failed on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
logged in as bdlawrence13
You can use git or hg to connect to Bitbucket. Shell access is disabled
debug1: channel 0: free: client-session, nchannels 1
Connection to bitbucket.org closed.
Transferred: sent 3020, received 1860 bytes, in 0.2 seconds
Bytes per second: sent 16017.4, received 9865.0
debug1: Exit status 0
As you can see, everything checks out. But I cannot push to the repository or, with only the key in my account, pull, either.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes, this log shows that your key called locally id_rsa is being picked up and recognised by Bitbucket.
Now, can you please post a verbose log of a failing attempt to push or pull? That one is way more interesting as it will hopefully surface the problem.
Cheers,
Daniil
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
$ git push
11:00:08.998960 exec-cmd.c:237 trace: resolved executable dir: C:/Program Files/Git/mingw64/bin
11:00:09.002960 git.c:439 trace: built-in: git push
11:00:09.008960 run-command.c:663 trace: run_command: unset GIT_PREFIX; 'ssh -vvv' 'git clone git@bitbucket.org' 'git-receive-pack '\''bdlawrence13/dwcprovisioning.git'\'''
OpenSSH_8.1p1, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving "bitbucket.org" port 22
debug2: ssh_connect_direct
debug1: Connecting to bitbucket.org [18.205.93.2] port 22.
debug1: Connection established.
debug1: identity file /c/Users/k126395/.ssh/id_rsa type 0
debug1: identity file /c/Users/k126395/.ssh/id_rsa-cert type -1
debug1: identity file /c/Users/k126395/.ssh/id_dsa type -1
debug1: identity file /c/Users/k126395/.ssh/id_dsa-cert type -1
debug1: identity file /c/Users/k126395/.ssh/id_ecdsa type -1
debug1: identity file /c/Users/k126395/.ssh/id_ecdsa-cert type -1
debug1: identity file /c/Users/k126395/.ssh/id_ed25519 type -1
debug1: identity file /c/Users/k126395/.ssh/id_ed25519-cert type -1
debug1: identity file /c/Users/k126395/.ssh/id_xmss type -1
debug1: identity file /c/Users/k126395/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.1
debug1: Remote protocol version 2.0, remote software version conker_31073e5a11 app-152
debug1: no match: conker_31073e5a11 app-152
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to bitbucket.org:22 as 'git clone git'
debug3: hostkeys_foreach: reading file "/c/Users/k126395/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /c/Users/k126395/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from bitbucket.org
debug3: order_hostkeyalgs: prefer hostkeyalgs: rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-dss,ssh-rsa
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128
debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha2-256,hmac-sha1,hmac-sha1-96
debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha2-256,hmac-sha1,hmac-sha1-96
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ssh-rsa SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A
debug3: hostkeys_foreach: reading file "/c/Users/k126395/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /c/Users/k126395/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from bitbucket.org
debug3: hostkeys_foreach: reading file "/c/Users/k126395/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /c/Users/k126395/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 18.205.93.2
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /c/Users/k126395/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /c/Users/k126395/.ssh/id_rsa RSA SHA256:ueM9uihOo1bIirJj71WCVWLFJm6gvy6ZyT9rnD57Fho
debug1: Will attempt key: /c/Users/k126395/.ssh/id_dsa
debug1: Will attempt key: /c/Users/k126395/.ssh/id_ecdsa
debug1: Will attempt key: /c/Users/k126395/.ssh/id_ed25519
debug1: Will attempt key: /c/Users/k126395/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /c/Users/k126395/.ssh/id_rsa RSA SHA256:ueM9uihOo1bIirJj71WCVWLFJm6gvy6ZyT9rnD57Fho
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: /c/Users/k126395/.ssh/id_dsa
debug3: no such identity: /c/Users/k126395/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /c/Users/k126395/.ssh/id_ecdsa
debug3: no such identity: /c/Users/k126395/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /c/Users/k126395/.ssh/id_ed25519
debug3: no such identity: /c/Users/k126395/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: /c/Users/k126395/.ssh/id_xmss
debug3: no such identity: /c/Users/k126395/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
git clone git@bitbucket.org: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ok, this log helped, thanks. I could've checked that earlier but I thought the issue is with the AAH key, not with the repo.
The repository you're trying to push to (and clone in the very first message) doesn't exist. You have access to a repository with the same name, but it is owned by another (team) account.
The SSH authentication takes the declared repository into account, and since the repository can't be resolved, it rejects the request. This is why this bit is in the error description in the response:
Please make sure you have the correct access rights
and the repository exists.
So please change the remote URL in your local repo to point it to the right place, then try pushing again.
Let me know if this helped.
Cheers,
Daniil
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes, that worked. Thank you. What's odd is that we hadn't changed anything and I had just recently recloned that repository. It was working, then it stopped working.
Anyway, we're now in the process of transferring our repositories to a new account anyway, so they'll all have to be adjusted.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
No worries, glad that it worked.
So I just checked again, and I can see that that repository has been transferred from your account into the team account few days ago.
Not sure what was wrong before the transfer. Can you try pulling and pushing to another repository in your account to check if it works fine?
Cheers,
Daniil
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The only other one I have to my account is messed up. Has larger issues. I'll connect to the new team account repositories going forward. Thanks.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.