You are not logged in.
I am trying to upload a package today. I created a new SSH key just as the wiki explains how to, then I tried fetching a blank repository using git clone ssh://aur@aur.archlinux.org/my-package.git, and I even tried adding the url as a remote and fetched it, but both get me the folllowing error:
aur@aur.archlinux.org: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
And here's the output of ssh -v aur@aur.archlinux.org:
OpenSSH_7.7p1, OpenSSL 1.1.0h 27 Mar 2018
debug1: Reading configuration data /home/parker/.ssh/config
debug1: /home/parker/.ssh/config line 3: Applying options for aur.archlinux.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to aur.archlinux.org [2a01:4f8:160:3033::2] port 22.
debug1: Connection established.
debug1: identity file /home/parker/.ssh/aur type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/parker/.ssh/aur-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.7
debug1: match: OpenSSH_7.7 pat OpenSSH* compat 0x04000000
debug1: Authenticating to aur.archlinux.org:22 as 'aur'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:L71Q91yHwmHPYYkJMDgj0xmUuw16qFOhJbBr1mzsiOI
debug1: Host 'aur.archlinux.org' is known and matches the ECDSA host key.
debug1: Found key in /home/parker/.ssh/known_hosts:7
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:RSAdFndk97Iq5HBesYzjowTF1TbTKOdXpqZrFIIk4ok /home/parker/.ssh/aur
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
aur@aur.archlinux.org: Permission denied (publickey).
I'm at my wit's end and I just want this damn thing to work. Any help would be greatly appreciated.
Last edited by rasputin (2018-08-15 01:17:23)
Russia's greatest love macine
===============================
PGP Fingerprint: 55A0 40FD A46B DADB
gitlab
Offline
Offline
*public key*
https://ugjka.net
paru > yay | webcord > discord
pacman -S spotify-launcher
mount /dev/disk/by-...
Offline
Did you actually upload your key to your AUR account after generating it?
Yes I did.
Russia's greatest love macine
===============================
PGP Fingerprint: 55A0 40FD A46B DADB
gitlab
Offline
Okay after some searching I realized the problem. I guess ssh wasn't looking at my config file. I had set up a seperate ssh key for the AUR and had the following in my ~/.ssh/config file:
Host aur.archlinux.org
IdentityFile ~/.ssh/aur
User aur
Since that didn't work, I just uploaded my default ssh key to my account (id_rsa), deleted those lines in my config file, and it worked! Thanks to the two of you for getting me to think about this.
Russia's greatest love macine
===============================
PGP Fingerprint: 55A0 40FD A46B DADB
gitlab
Offline
The reason that aur key did not work was probably because you had wrong permissions on your ~/.ssh/aur file. Should be 600.
Offline
The reason that aur key did not work was probably because you had wrong permissions on your ~/.ssh/aur file. Should be 600.
Oh shit that's good to know. Thanks.
EDIT: i just looked and the file already has read+write permissions.
Last edited by rasputin (2018-08-01 09:54:05)
Russia's greatest love macine
===============================
PGP Fingerprint: 55A0 40FD A46B DADB
gitlab
Offline
EDIT: i just looked and the file already has read+write permissions.
The private key file's group and other permissions must not have read or write, i.e. do "chmod 600 ~/.ssh/aur".
Offline
rasputin wrote:EDIT: i just looked and the file already has read+write permissions.
The private key file's group and other permissions must not have read or write, i.e. do "chmod 600 ~/.ssh/aur".
600 is read and write for user so it depends on which set of permissions you are referring to.
Offline
600 is read and write for user so it depends on which set of permissions you are referring to.
Re-quoting my sentence above: The private key file's group and other permissions must not have read or write, i.e. do "chmod 600 ~/.ssh/aur".
Offline
@bulletmark where does rasputin indicate which permissions were being referred to or what in the posted ssh output lead you to conclude that was the issue?
Offline
@bulletmark where does rasputin indicate which permissions were being referred to or what in the posted ssh output lead you to conclude that was the issue?
The ssh error message he quotes in his OP is exactly the error you get if you have "group" or "other" "rw" permissions set on the private key file. You will note my first response here said that was "probably" the issue.
Offline
In post #9 I should have made clearer that from my reading of post #7 the file could already have 600 permissions.
Edit:
I get a different error message for bad permissions
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0666 for '/home/testuser/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/home/testuser/.ssh/id_rsa": bad permissions
git@github.com: Permission denied (publickey).
Last edited by loqs (2018-08-01 23:39:40)
Offline
In post #9 I should have made clearer that from my reading of post #7 the file could already have 600 permissions.
Well his post #7 is so vague I assumed he wasn't clear I what exactly I mean't when I said it should be "600" so it was very likely that other &/or group were also rw.
Last edited by bulletmark (2018-08-01 23:38:32)
Offline
logs, just saw you edited your post after my reply to add that error message. If I do a chmod from 600 to 640 (or 660 or 666 .. etc) on my key I get:
sign_and_send_pubkey: signing failed: agent refused operation
aur@aur.archlinux.org: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I.e. same error message as OP.
Last edited by bulletmark (2018-08-04 00:46:29)
Offline
This'll be my last post on this thread. I just recently got the seperate keys working. Turns out I was running into issues when copying & pasting the public key from my terminal (st) to my browser (qutebrowser). If anyone else comes across this thread, be sure to check if you actually paste what you meant to copy. :-/
Russia's greatest love macine
===============================
PGP Fingerprint: 55A0 40FD A46B DADB
gitlab
Offline
Great, happy to see you got it fixed.
Please edit your first post and prepend "[Solved]" to the thread title.
Managing AUR repos The Right Way -- aurpublish (now a standalone tool)
Offline