05/20/22, 12:53 AM | #1 |
|
Git Authentication Issue
I'm trying to get a git repo set up for one of my addons on this site.
I'm following along this help page Using git bash for windows, I run the following: Code:
ssh-keygen -t ed25519 -C "[email protected]" I then copy the public key onto ESOUI as described in the link provided. However, I error out when authenticating. For debugging, I ran this Code:
ssh -vT [email protected] Code:
OpenSSH_8.8p1, OpenSSL 1.1.1m 14 Dec 2021 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to git.esoui.com [45.79.1.181] port 22. debug1: Connection established. debug1: identity file ~/.ssh/id_rsa type 0 debug1: identity file ~/.ssh/id_rsa-cert type -1 debug1: identity file ~/.ssh/id_dsa type -1 debug1: identity file ~/.ssh/id_dsa-cert type -1 debug1: identity file ~/.ssh/id_ecdsa type -1 debug1: identity file ~/.ssh/id_ecdsa-cert type -1 debug1: identity file ~/.ssh/id_ecdsa_sk type -1 debug1: identity file ~/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file ~/.ssh/id_ed25519 type 3 #Local Key is recognized debug1: identity file ~/.ssh/id_ed25519-cert type -1 debug1: identity file ~/.ssh/id_ed25519_sk type -1 debug1: identity file ~/.ssh/id_ed25519_sk-cert type -1 debug1: identity file ~/.ssh/id_xmss type -1 debug1: identity file ~/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.10 debug1: compat_banner: match: OpenSSH_5.9p1 Debian-5ubuntu1.10 pat OpenSSH_5* compat 0x0c000002 debug1: Authenticating to git.esoui.com:22 as 'git' debug1: load_hostkeys: fopen ~/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: ecdh-sha2-nistp256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: SSH2_MSG_KEX_ECDH_REPLY received debug1: Server host key: ecdsa-sha2-nistp256 SHA256:q23OVanVJTzTUMuO5vZv9UqBib7I/kG+fIoR8t2tY18 debug1: load_hostkeys: fopen ~/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: Host 'git.esoui.com' is known and matches the ECDSA host key. debug1: Found key in ~/.ssh/known_hosts:1 debug1: rekey out after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 4294967296 blocks debug1: Will attempt key: ~/.ssh/id_rsa RSA SHA256:<fingerprint> debug1: Will attempt key: ~/.ssh/id_dsa debug1: Will attempt key: ~/.ssh/id_ecdsa debug1: Will attempt key: ~/.ssh/id_ecdsa_sk debug1: Will attempt key: ~/.ssh/id_ed25519 ED25519 SHA256:<fingerprint> debug1: Will attempt key: ~/.ssh/id_ed25519_sk debug1: Will attempt key: ~/.ssh/id_xmss debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering public key: ~/.ssh/id_rsa RSA SHA256:<fingerprint> debug1: send_pubkey_test: no mutual signature algorithm debug1: Trying private key: ~/.ssh/id_dsa debug1: Trying private key: ~/.ssh/id_ecdsa debug1: Trying private key: ~/.ssh/id_ecdsa_sk debug1: Offering public key: ~/.ssh/id_ed25519 ED25519 SHA256:<figerprint> debug1: Authentications that can continue: publickey debug1: Trying private key: ~/.ssh/id_ed25519_sk debug1: Trying private key: ~/.ssh/id_xmss debug1: No more authentication methods to try. [email protected]: Permission denied (publickey). |
05/20/22, 04:02 AM | #2 |
Try a higher verbosity:
Code:
ssh -vvv I guess your pk already has the correct file access lvl? You can try to change it to the accepted value, if it is not already: Code:
chmod 600 .\d_ed25519 |
|
05/20/22, 09:10 AM | #3 | |
|
I'm kind of getting the impression that there may be a server issue, but if everyone else (who tries) is connecting just fine, then that seems less likely. |
|
06/13/22, 05:09 PM | #4 |
|
As a quick followup here, I was able to easily put the same exact public key onto Github.com and ssh authentication went through without a hitch using exactly the same key pair. I did also try standard RSA key pairs on esoui as well, so the issue does not appear to be protocol specific.
I think it's reasonably safe to say I'm not incorrect with my process here and my setup isn't critically broken on my end, but it appears that git support on esoui is broken in some way from the server side. Maybe it's not worth fixing, but it is still disappointing. Maybe the setup instructions for git should be updated to reflect that the option is non-functional, unless I'm the only one having issues (or even trying to use the services). Thank you, wookie for trying to help. The extra debugging info was interesting, but not helpful. A connection attempt to github shows what should happen when offering a valid key. Code:
... debug1: Offering public key: /c/Users/<username>/.ssh/id_ed25519 ED25519 SHA256:TRo1+EbUEgApsrOXXMMbOTmMMkcRD/0rOuQBC9x84sU explicit debug1: Server accepts key: /c/Users/<username>/.ssh/id_ed25519 ED25519 SHA256:TRo1+EbUEgApsrOXXMMbOTmMMkcRD/0rOuQBC9x84sU explicit ... |
06/13/22, 05:41 PM | #5 |
Sorry I didn't notice this thread since it I thought it was about normal git auth and not ESOUI related. (moved to our site forum)
Looking at our logs I have some issues with some ssh-ed25519 keys that I'm debugging and grepping your IP in my logs you are hitting that issue. Try an RSA key, I know you said you tried one already but maybe generate a RSA key Code:
ssh-keygen -t rsa -b 4096 -f key-for-esoui Code:
host git.esoui.com user git HostName git.esoui.com port 22 IdentityFile ~/.ssh/key-for-esoui Code:
cat ~/.ssh/key-for-esoui.pub Last edited by Dolby : 06/13/22 at 11:33 PM. |
|
06/14/22, 06:47 PM | #6 | |
|
Code:
debug1: send_pubkey_test: no mutual signature algorithm |
|
06/14/22, 06:54 PM | #7 |
I think I need to work on openssh on the git server. I am curious though if you could add this to your .ssh/config under git.esoui.com... if that will fix the issue for now?
Code:
PubkeyAcceptedKeyTypes +ssh-rsa |
|
06/14/22, 10:01 PM | #8 |
|
That did resolve the issue. I'm guessing that's a deprecated key algorithm in newer Openssl libraries, so it had to be enabled to work with this site?
|
ESOUI » Site Forums » Site help, bugs, suggestions/questions » Git Authentication Issue |
«
Previous Thread
|
Next Thread
»
|
Thread Tools | |
Display Modes | |
|
|