I followed the steps of this doc: https://circleci.com/docs/add-ssh-key#circleci-cloud-or-server-3-x
I generated my key:
ssh-keygen -m PEM -t rsa -C "myname#myemail.com"
I copied the content of .ssh/id_ed25519, went to Project Settings > SSH Keys > Additional SHH Keys, and pasted the content of my Key.
However, when I try to ssh I receive the following error:
ssh -p 54782 x.x.x.130
The authenticity of host '[x.x.x.130]:54782 ([x.x.x.x]:54782)' can't be established.
ED25519 key fingerprint is SHA256:xxx
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[x.x.x.130]:54782' (ED25519) to the list of known hosts.
myname#x.x.x.130: Permission denied (publickey).
I will appreciate your help. Thanks
The instructions you followed are for something else; they are about adding an SSH key to the project in case you need to SSH into remote servers from within a job.
If you want to SSH into your job, you need to add the key you generated on your local machine to your VCS (GitHub or Bitbucket) account.
I tried:
$ ssh root#157.245.238.190
and I receive:
Warning: Permanently added '157.245.238.190' (ECDSA) to the list of known hosts.
Permission denied (publickey).
Why does the connection fails, even though I have added the server fingerprint to the known_hosts file?
While known_hosts might be correctly updated, you sill have to register (add) your public key to ~root/.ssh/authorized_keys on the server side.
If not added, an SSH connection would fail with Permission denied (public key)
Also check how the sshd_config is configured on your droplet.
Note that the recommended SSH session is using a user, not root.
So I'm using the "Remote - SSH" plugin in VSCode to connect to my VPS and edit my code. I lost the connection, then had to hard-reset it after 30+ min. Now I can't access it with VSCode anymore [putty works] and get Could not establish connection to "[vps-ip]". Permission denied (publickey,password). when starting VSCode in ssh up or when reloading the connection.
I also get this log every time.
What would I have to do, to get this to work normally again?
Here is the log I replaced some stuff with [...]
[18:42:52.792] Log Level: 2
[18:42:52.795] remote-ssh#0.50.0
[18:42:52.795] win32 x64
[18:42:52.797] SSH Resolver called for "ssh-remote+[vps-ip]", attempt 1
[18:42:52.797] SSH Resolver called for host: [vps-ip]
[18:42:52.798] Setting up SSH remote "[vpsip]"
[18:42:52.801] Acquiring local install lock: C:\Users\[myname]\AppData\Local\Temp\vscode-remote-ssh-[vps-ip]-install.lock
[18:42:52.816] Looking for existing server data file at c:\Users\[myname]\AppData\Roaming\Code\User\globalStorage\ms-vscode-remote.remote-ssh\vscode-ssh-host-[vps-ip]-[id]\data.json
[18:42:52.817] Using commit id "[id]" and quality "stable" for server
[18:42:52.817] Install and start server if needed
[18:42:52.820] Checking ssh with "ssh -V"
[18:42:52.875] > OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
[18:42:52.876] Checking ssh with "C:\WINDOWS\System32\OpenSSH\ssh.exe -V"
[18:42:52.917] > OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
[18:42:52.917] Checking ssh with "C:\Program Files\Git\usr\bin\ssh.exe -V"
[18:42:52.993] > OpenSSH_8.1p1, OpenSSL 1.1.1d 10 Sep 2019
[18:42:52.994] askpass server listening on \\.\pipe\vscode-ssh-askpass-[askpass]-sock
[18:42:52.995] Spawning local server with {"ipcHandlePath":"\\\\.\\pipe\\vscode-ssh-askpass-[askpass]-sock","sshCommand":"C:\\Program Files\\Git\\usr\\bin\\ssh.exe","sshArgs":["-v","-T","-D","55323","[vps-ip]"],"dataFilePath":"c:\\Users\\[myname]\\AppData\\Roaming\\Code\\User\\globalStorage\\ms-vscode-remote.remote-ssh\\vscode-ssh-host-[vps-ip]-[id]\\data.json"}
[18:42:52.995] Local server env: {"DISPLAY":"1","ELECTRON_RUN_AS_NODE":"1","SSH_ASKPASS":"c:\\Users\\[myname]\\.vscode\\extensions\\ms-vscode-remote.remote-ssh-0.50.0\\out\\local-server\\askpass.bat","VSCODE_SSH_ASKPASS_NODE":"C:\\Users\\[myname]\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe","VSCODE_SSH_ASKPASS_MAIN":"c:\\Users\\[myname]\\.vscode\\extensions\\ms-vscode-remote.remote-ssh-0.50.0\\out\\askpass-main.js","VSCODE_SSH_ASKPASS_HANDLE":"\\\\.\\pipe\\vscode-ssh-askpass-[askpass]-sock"}
[18:42:53.021] Spawned 30572
[18:42:53.125] > local-server> Spawned ssh: 12024
[18:42:53.165] stderr> OpenSSH_8.1p1, OpenSSL 1.1.1d 10 Sep 2019
[18:42:53.359] stderr> debug1: Server host key: [the key]
[18:42:53.558] stderr> 'C:\Users\[only my sirname]' is not recognized as an internal or external command,
[18:42:53.558] stderr> operable program or batch file.
[18:42:53.607] stderr> Permission denied, please try again.
[18:42:53.638] stderr> 'C:\Users\[only my sirname]' is not recognized as an internal or external command,
[18:42:53.638] stderr> operable program or batch file.
[18:42:53.686] stderr> Permission denied, please try again.
[18:42:53.716] stderr> 'C:\Users\[only my sirname]' is not recognized as an internal or external command,
[18:42:53.716] stderr> operable program or batch file.
[18:42:53.767] stderr> root#[vps-ip]: Permission denied (publickey,password).
[18:42:53.771] > local-server> ssh child died, shutting down
[18:42:53.779] Local server exit: 0
[18:42:53.780] Received install output: OpenSSH_8.1p1, OpenSSL 1.1.1d 10 Sep 2019
debug1: Server host key: [key]
'C:\Users\[only my sirname]' is not recognized as an internal or external command,
operable program or batch file.
Permission denied, please try again.
'C:\Users\[only my sirname]' is not recognized as an internal or external command,
operable program or batch file.
Permission denied, please try again.
'C:\Users\[only my sirname]' is not recognized as an internal or external command,
operable program or batch file.
root#[vps-ip]: Permission denied (publickey,password).
[18:42:53.781] Resolver error: Permission denied (publickey,password).
[18:42:53.783] ------
EDIT2: So apparently this is a problem only occurring on one of my PCs and reinstalling doesn't help
It seems that the remote ssh extension version 0.50.0 broke something related to this. See the issue I opened on the Github:
https://github.com/microsoft/vscode-remote-release/issues/2581
As a workaround, using version 0.49.0 works for me. Do this by right-clicking the extension name and clicking "Install another version...", and select 0.49.0 in the dialogue. Hopefully this gets resolved in a minor version update.
Solved! For most people, the issue is that you did not make the .pem file executable. You need to chmod 400 yourkey.pem for mac, I think 755 for linux, not sure about windows, then move the key into your ssh folder mv yourkey.pem ~/.ssh
Then configure your vscode ssh config file as such.
Host YourHost
HostName ec32-364-207-287-109.compute-1.amazonaws.com
User ubuntu
IdentityFile ~/.ssh/yourkey.pem
I had the same issue with version 0.49+ of Remote SSH on vscode. What I did was cmd-p > Connect To SSH Host > Configure SSH HOSTS and within my config file I noticed I had two entries:
Host <ip>
HostName <name>
User <gungoonsoundcloudwhatsup>
IdentityFile ~/.ssh/file.pub
Host <ip>
HostName <name>
User <gungoonsoundcloudwhatsup>
IdentityFile ~/.ssh/file.pub
So I deleted one and changed the IdentityFile from the .pub file to the appropriate rsa.
That did the trick for me.
Below is the config I used which works for me.
Host vs-ssh.visualstudio.com
HostName vs-ssh.visualstudio.com
User git
IdentityFile file_path
IdentitiesOnly yes
In my case, I had to add User prop to the ssh config because it is using my current device's account name (nemothecollector) while root is correct account name.
Host digital-ocean-vps-as-root
+ User root
HostName 157.245.150.193
IdentityFile ~/.ssh/digital_ocean_vps
IdentitiesOnly yes
Port 22
For me, the issue was the IdentityFile path. On the command line, I simply gave the name of the .pem file. VS Code needs the ~/.ssh/config file to provide the absolute path. Additionally, my key had spaces in it. So I had to wrap the absolute path in quotes, like this: "~/.ssh/key with spaces". Using the $HOME variable didn't work for me. Hope this helps someone.
it might be caused by low time_out in the setting of VSCODE Extension. You can increase that and try again: ctrl + , then find REMOTE SSH under the extension section and increase Connect Timeout to 60 maybe.
Spent an hour on this problem.
I have but one advice.
Double check your username and/or IP address.
This may interest anyone who's been having the issue recently. I'm running the latest VS Code at the time (version 1.74.3 from the 2023-01-09 update).
What I did:
Opened the Command Palette
Selected Remote-SSH: Connect to Host...
Typed in: ssh user#host, and on other attempts: ssh host
After several unsuccessful attempts to log in and still receiving the error posted, I noticed the Command Palette prompt's greyed-out instruction mentioned "... or enter user#host". Considering that this instruction may have been altered from previous versions of VS Code, I changed my command accordingly. I dropped the "ssh" part of the command and this worked: user#host
So basically my setup is that i'm creating an ssh pair on my remote server, then copying the pub key to bitbucket, and my server's authorized_keys file.
I'm still getting permission denied when I run my deploy on Bitbucket.
Any SSH key you use in Pipelines should not have a passphrase.
I'm assuming this has something to do with it, even tho i created the ssh pair with a blank password, my sshd_config file has:
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
Should I change this to yes?
Bitbucket's documentation says I should ssh-copy-id -i my_ssh_key user#host, but that doesn't make sense to me since all ssh gen is either happening on the remote or in Bitbucket itself.
Have no idea why this isn't clearer.
Edit: here's the error on the bitbucket build:
+ cat ./deploy.sh | ssh username#remote.com
Pseudo-terminal will not be allocated because stdin is not a terminal.
Warning: Permanently added the RSA host key for IP address ‘XXX.XXX.XX.XX’ to the list of known hosts.
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password).
Here are some values of my sshd_config:
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys
Ok, got it. For some reason, i had my ssh logic backwards. I re-created the ssh key pair in Bitbucket, added the public key to my remote server's ~/ssh/authorized_keys file, AND ... I assured that the permissions of that file was set to 600. Once I fixed that permission, I had my first successful build. Hope this helps someone.
Backstory: currently running Arch Linux and attempting to authenticate into Github using SSH keys. I have openssh 7.1p1-1 installed as well as git 2.6.4-1.
Problem: After the ssh-agent terminates (system reboot or shell closure), I get the "Permission Denied (publickey)" message when attempting to connect to git using:
ssh -vT git#github.com
Any ideas as to why my identity does not persist? Do I have to add anything special to the ~/.ssh/config or /etc/ssh/ssh_config files?
Thank you for any help you can provide.
After ssh-agent is gone, ssh is no longer aware that id_github exists, so it never tries authenticating with that key. If you want to force ssh to always use that key for github.com, you can add this to ~/.ssh/config:
Host github.com
IdentityFile ~/.ssh/id_github
User git # Handy addition so you can skip the username part in Github URLs