I created an SSH key pair under Windows, but can't clone my repo

jim-frenzel January 28, 2023

I believe I successfully created an SSH key pair under Windows and added the public key to Bitbucket Cloud, as ssh -T git@bitbucket.org returns the expected output. However, when I try to clone the remote repo on my local PC I get this: (I X'ed out the repo name)

$ git clone git@bitbucket.org:jim-frenzel/XXXXXXX.git
Cloning into 'XXXXXXX'...
Bad owner or permissions on C:\\Users\\jff/.ssh/config
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Any suggestions?

1 answer

1 accepted

0 votes
Answer accepted
Syahrul
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 29, 2023

G'day @jim-frenzel 

Based on the error message, there are two issues with your ssh.

The first one is "Bad owner or permissions on C:\\Users\\jff/.ssh/config" error message, which happens when the .ssh folder doesn't have the right permission. It can happen if the inheritance option is enabled on the .ssh folder. Can you review the following threads here and try the suggested workaround to see if that fixes the issue?

As for the second issue, I believe the wrong SSH key is being used with your git clone hence you are getting the "fatal: Could not read from remote repository.". To identify this, simply clone with the following verbose commands:

GIT_TRACE_PACKET=1 GIT_TRACE=1 GIT_SSH_COMMAND="ssh -vvv" git clone <URL>

From the verbose log, identify your private ssh key name and check if it's being offered to git while cloning? If not then I suggest you manually add the following in the 

/Users/<name>/.ssh/config to explicitly ask SSH to use the default key only:
  1. Run the following command, replacing the {ssh-key-name} with the name of the private key:

    ssh-add ~/{ssh-key-name}
  2. To ensure the correct SSH key is used when connecting to Bitbucket, update or create your SSH configuration file (~/.ssh/config) with the following settings:

    Host bitbucket.org
     AddKeysToAgent yes 
    IdentityFile /Users/<name>/.ssh/{ssh-key-name}

     

    Where {ssh-key-name} is the location of the private key file once it has been added to the ssh-agent.

Let me know how it goes.

Cheers,
Syahrul

jim-frenzel January 30, 2023

Many thanks Syahrul! (Sorry for the delay - I had to wait until I got home from work to try things out.)

The problem turned out to be the permissions on the .ssh folder. (I had previously run ssh-add and modified the config file as you suggested later in your post.)

I looked at the thread you mentioned to fix the permissions and did the following:

1. Selected "Advanced" for the .ssh folder security properties.

2. Selected disable inheritance as suggested here: "When you are disabling the inheritance you will be asked if you want to copy the current inherited access rights. Select yes and then continue by removing the other user as described above."

3. Removed the Administrator and another admin account - leaving only SYSTEM and my account.

 

I had previously run ssh-add and modified the config file as you mentioned as the possible

Like # people like this

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events