Question
permission denied (publickey) using git from DigitalOcean console, Forge user
- Posted on May 14, 2020
- NginxDigitalOceanUbuntu 18.04Laravel
Asked by fowlertown
My setup originates with Laravel Forge connecting to various GitHub repos. I’ve been running a dozen sites without issue for about 6 months. All of a sudden, yesterday I started getting this permission denied (publickey) error in the DigitalOcean Console when I run any git push or git pull command.
I’ve been through these articles:
- https://www.digitalocean.com/community/questions/error-permission-denied-publickey-when-i-try-to-ssh
- https://www.digitalocean.com/community/questions/ssh-permission-denied-publickey
- https://stackoverflow.com/questions/48713210/ssh-permission-denied-publickey-digitalocean-ubuntu
They all recommend roughly the same solution:
- Edit config file
sudo nano /etc/ssh/sshd_config - Change
PasswordAuthentication yeswhich I shouldn’t need to do since this is SSH, not password auth - Change
PublickeyAuthentication yesor in my case, uncomment it - One article says to change
AuthorizedHostKeys .ssh/authorized_keys - Save, exit, and then run
sudo service sshd reload
I’ve tried all these steps multiple times but I still can’t get reconnected to my git repositories.
I’ve also reviewed the Forge SSH Keys instructions and confirmed the server key provided is the correct server key in /home/forge/.ssh/authorized_keys
Any additional ideas for 2020? I’m running Ubuntu 18.04.3
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Get our biweekly newsletter
Sign up for Infrastructure as a Newsletter.
Hollie's Hub for Good
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Become a contributor
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
I was logged in as the
rootuser accidentally, instead of my usual git userforge.So mucked up my file permissions by trying to
git addfiles, and once I got logged into the correct user, I had to reset my file permissions in the/.git/objectsfolder of my site(s) because they were owned byroot.This discussion answer was helpful.
Hi @fowlertown,
If I understand correctly, Laravel Forge is used like a central hub which pushes your Git project to different DigitalOcean Droplets, correct?
If that’s correct, then it seems for some reason the droplet isn’t accepting SSH connections via SSH keys. Let’s start troubleshooting. Firstly, can you see if you are able to SSH using your own terminal or if you are getting the same error?
Try to run the following command on the droplet and then connect from the computer/environment using the said key
You should be able to connect and receive something like the following on your Droplet :
In this case, what you can do is temporarily stop the SSH daemon and replace it with one in debug mode. Don’t worry, stopping the SSH daemon won’t kill any existing connections. This means it’s possible to run this without being connected to the droplet’s Console but it’s somewhat risky. If the connection does get broken for any kind of reason, you’ll need to connect using your droplet’s console. Anyway, you can run the following
If it again runs with the debug mode being on, then for sure it’s the SELinux causing the issues, it’s most probably set to Enforcing. The .ssh dir will probably be mislabeled. Look at
/var/log/audit/audit.log. Check with ls -laZ and then Runrestorecon -r -v /path/to/users/.ssh.Regards, KDSys