Permission denied (publickey,password) adding a Git repository

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Problem

When adding a Git repository to Fisheye using the SSH protocol, testing the connection throws the following error in the UI:

The following appears in the atlassian-fisheye-<date>.log:

2016-04-01 15:00:00,000 ERROR [qtp1864387098-21099 ection-1459537718527] fisheye RepositoryAdminRpcServiceImpl-testRepositoryConnection - Error testing connection.
com.atlassian.fisheye.spi.admin.services.RepositoryConfigException: com.cenqua.fisheye.config.ConfigException: Error talking to repository: 
    
    Permission denied (publickey,password).
    fatal: Could not read from remote repository.
    
    Please make sure you have the correct access rights
    and the repository exists.
    
    at com.atlassian.fisheye.spi.admin.impl.DefaultRepositoryAdminService.testConnectionFor(DefaultRepositoryAdminService.java:864) [fisheye.jar:?]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [?:1.8.0_74]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [?:1.8.0_74]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [?:1.8.0_74]
    at java.lang.reflect.Method.invoke(Method.java:498) [?:1.8.0_74]
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) [spring-aop-4.0.9.RELEASE.jar:4.0.9.RELEASE]
    ...
    at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) [jetty-server-8.1.10.v20130312.jar:8.1.10.v20130312]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:628) [jetty-io-8.1.10.v20130312.jar:8.1.10.v20130312]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) [jetty-io-8.1.10.v20130312.jar:8.1.10.v20130312]
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) [jetty-util-8.1.10.v20130312.jar:8.1.10.v20130312]
    at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) [jetty-util-8.1.10.v20130312.jar:8.1.10.v20130312]
    at java.lang.Thread.run(Thread.java:745) [?:1.8.0_74]
Caused by: com.cenqua.fisheye.config.ConfigException: Error talking to repository: 
    
    Permission denied (publickey,password).
    fatal: Could not read from remote repository.
    
    Please make sure you have the correct access rights
    and the repository exists.
    
    at com.atlassian.fisheye.git.GitScmConfig.testConnection(GitScmConfig.java:120) [fisheye.jar:?]
    at com.cenqua.fisheye.RepositoryConfig.testConnection(RepositoryConfig.java:428) [fisheye.jar:?]
    at com.atlassian.fisheye.spi.admin.impl.DefaultRepositoryAdminService.testConnectionFor(DefaultRepositoryAdminService.java:862) [fisheye.jar:?]
    ... 179 more

Diagnosis

Diagnostic Steps

  • When having a key pair generated by Fisheye, make sure the public key generated is added to the ~/.ssh/authorized_keys file of the user running Fisheye.

  • From a command line, logged in as the user running Fisheye, test the SSH connection outside Fisheye:

    ssh -Tv <username>@<hostname>

    In the command above, replace username by the name of the user that accesses the Git repository, and hostname by the hostname of the server in which the Git repository resides.
    You may get an output, among which you may see the following regarding the authentication being performed:

    debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user/.ssh/id_rsa
debug1: Trying private key: /home/user/.ssh/id_dsa
debug1: Next authentication method: password
<username>@<hostname>'s password:
debug1: Authentication succeeded (password).

Cause

If only the password authentication succeeded, this indicates that the authentication using the public key failed.

This topic suggested checking at the Git server's /var/log/auth.log file, which could give an idea of what's happening. For this occurrence, we found an entry similar as the following:

Sep 14 01:26:31 new-server sshd[22107]: Authentication refused: bad ownership or modes for directory /home/user/.ssh
Sep 14 01:26:46 new-server sshd[22108]: Connection closed by 98.76.54.32

The entry above was showing up both for the ~/.ssh directory and for the ~/.ssh/authorized_keys file. As explained by this article, SSH doesn’t like it if your home or ~/.ssh directories have group write permissions. Your home directory should be writable only by you, ~/.ssh should be 700, and authorized_keys should be 600.

Resolution

Adjust the permissions on the referenced directory and file, as follows:

chmod 700 /home/user/.ssh
chmod 600 /home/user/.ssh/authorized_keys

Last modified on Jul 31, 2018

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.