Ssh new keypair - no error


#1

Hi

environment:

  • on-premises
  • Gogs Version: 0.11.53.0603
  • debian 8.9
  • gogs with ldap connection

Gogs works fine. Although when a user wants to delete an existing key and add a new one.
After that - whatever the user tries to clone/push/pull:

Cloning into '<repo>'...
Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

I found different topics about the ssh problem, but no solution!

Anything? :slight_smile:


#2

Well… your public key is denied…


#3

yes, you got it right!
that’s the message you get, but something is wrong about that

You create a new keypair.
You delete the existing key and add the new one.
Whatever you do, you get the permission denied (publickey) message.

We tried that with multiple users and multiple new keys and it is always the same.

The key works in other systems, e.g. gitblit, github, gitlab.

So it is not about the user or the key.
Any idea what the reason is?

One hint … In the database the new uploaded key get’s a new id (e.g. 180).
Although the log message on the serverside throws an error searching for the “old” keyid (e.g. 10)
When I update the new public key directly in the database keeping the old id, then it works fine.

Could it be that the connection user <-> keyid has an error?


#4

Gogs regenerates ~/.ssh/authorized_keys after change of any public key, it is possible somehow Gogs failed updating it, you can always manually regenerate this file in /admin panel.


#5

Hi

thank you for the hint.
We tried that also already. The authorized_keys file is updated just as expected.
So this works fine.

any other ideas?
what happens when you try that on your system … create a new ssh key & delete the old one & upload the new key. What does your log say? … Following my example above … does the log say that it is searching for the new id or the old id? …


#6

I want to point out that this error message is not given by Gogs, the SSHD declined your public key. So the request not even get to the Gogs.


#7

Come on Primary Developer. This is not ok!
I really do not have the feeling you read the ticket and my comments.

i explicitly wrote:

We double-checked everything and there is no error in the key creation.
Since we are using it on other systems.


#8

Hi,

  1. The best way to prove a Gogs bug is to reproduce on https://try.gogs.io
  2. And show the exact steps you did.