Get SSH keys for code.fairphone.com working - Solved

Continuing the discussion from Compiling Fairphone Open Source:

First of all, I believe I don’t need SSH access for compiling, as I can fetch via HTTP. Still, it would be nice to use SSH, and maybe one needs it later on, so let’s get it working. Here is the output:
simon@laptop:~$ ssh -p 29418 sjjh@code.fairphone.com -v
OpenSSH_6.9p1 Ubuntu-2, OpenSSL 1.0.2d 9 Jul 2015
debug1: Reading configuration data /home/simon/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to code.fairphone.com [37.187.31.110] port 29418.
debug1: Connection established.
debug1: identity file /home/simon/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/simon/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/simon/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/simon/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/simon/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/simon/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/simon/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/simon/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9p1 Ubuntu-2
debug1: Remote protocol version 2.0, remote software version GerritCodeReview_2.11.4 (SSHD-CORE-0.14.0)
debug1: no match: GerritCodeReview_2.11.4 (SSHD-CORE-0.14.0)
debug1: Authenticating to code.fairphone.com:29418 as 'sjjh'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Server host key: ssh-rsa SHA256:0Zj8UF2NXJvVss+YwwMGyAseoACjhVADFiiQPl44nlg
debug1: Host '[code.fairphone.com]:29418' is known and matches the RSA host key.
debug1: Found key in /home/simon/.ssh/known_hosts:44
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/simon/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/simon/.ssh/id_dsa
debug1: Trying private key: /home/simon/.ssh/id_ecdsa
debug1: Trying private key: /home/simon/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
simon@laptop:~$ ls -lA .ssh/
insgesamt 44
-rw-rw-r-- 1 simon simon 23 Okt 5 2013 config
-rw------- 1 simon simon 1766 Jan 25 2013 id_rsa
-rw-r--r-- 1 simon simon 407 Jan 25 2013 id_rsa.pub
-rw------- 1 simon simon 13394 Dez 29 23:57 known_hosts
-rw------- 1 simon simon 12624 Aug 8 18:15 known_hosts.old
simon@laptop:~$ cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYhkH7I6KQXar3SU9R+sfPcdzCWOBXnr520CDcaBvFK055kkFVAHmfOetNzeGSF/CC75x+PXjE9Sgx6iVjL7CaOBEfTorTuadhWCHHNk1dX+cP6oBHNf/8ZheukoVUEqml7bp3dg0YG4Y+qAWfkRgZdPwwufEb6oB+xNp9O2E4aIeUEi7Jtu5oHzTmFvLeJfpcKVB4wVx1leTEJH3l1xBtfZJmdBKwz46pe2vNIRZnKKVFLZ+xO2wioVqzacMGxPbBExUWLWDLxdnHm1CW787TBilZdDHUSXZQakqu+4u+s0lZOU5mvaPnZdan6HOrIESNhjZcwN/WlNRkXVdxAFtp xxxxx@xxxxxx
simon@laptop:~$

Here is my key in my account:

I’m not an SSH/crypto expert. But it looks like a cipher mismatch to me? Like the SSH server on code.fairphone.com only accepts DSA, ECDSA, and Ed25519, while I only have an RSA key ring. So is this intentional? Should I just create a new key ring? But why is uploading an RSA key then permitted, and why don’t I get an error message there? Or is it an error in the set-up of the SSH server, and will you at Fairphone fix it?

Thanks for your support!

PS: Feel free to move this topic to the developer category (as long as I then can still post to it)

Why are you trying to log in via SSH? The SSH credentials are meant to authenticate you when pushing and pulling to the repositories. I don’t believe they are intended to work remotely on the Gerrit server.

Edit: Ah, I see, it is supposed to verify that your authentication works. For me it does with an rsa-key:

$ ssh -p 29418 jftr@code.fairphone.com
The authenticity of host '[code.fairphone.com]:29418 ([37.187.31.110]:29418)' can't be established.
RSA key fingerprint is SHA256:0Zj8UF2NXJvVss+YwwMGyAseoACjhVADFiiQPl44nlg.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[code.fairphone.com]:29418,[37.187.31.110]:29418' (RSA) to the list of known hosts.

  ****    Welcome to Gerrit Code Review    ****

  Hi Franz Geiger, you have successfully connected over SSH.

  Unfortunately, interactive shells are disabled.
  To clone a hosted Git repository, use:

  git clone ssh://jftr@code.fairphone.com:29418/REPOSITORY_NAME.git

Connection to code.fairphone.com closed.

I don’t know what goes wrong for you. Are you sure you’ve uploaded your public key to the server and not the private one?

Edit 2: Some more output for comparison.

$ ssh -p 29418 jftr@code.fairphone.com -v
OpenSSH_6.9p1 Ubuntu-2, OpenSSL 1.0.2d 9 Jul 2015
debug1: Reading configuration data /home/jftr/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to code.fairphone.com [37.187.31.110] port 29418.
debug1: Connection established.
debug1: identity file /home/jftr/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jftr/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jftr/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jftr/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jftr/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jftr/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jftr/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/jftr/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9p1 Ubuntu-2
debug1: Remote protocol version 2.0, remote software version GerritCodeReview_2.11.4 (SSHD-CORE-0.14.0)
debug1: no match: GerritCodeReview_2.11.4 (SSHD-CORE-0.14.0)
debug1: Authenticating to code.fairphone.com:29418 as 'jftr'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Server host key: ssh-rsa SHA256:0Zj8UF2NXJvVss+YwwMGyAseoACjhVADFiiQPl44nlg
debug1: Host '[code.fairphone.com]:29418' is known and matches the RSA host key.
debug1: Found key in /home/jftr/.ssh/known_hosts:97
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/jftr/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to code.fairphone.com ([37.187.31.110]:29418).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LC_PAPER = en_IE.UTF-8
debug1: Sending env LC_ADDRESS = en_IE.UTF-8
debug1: Sending env LC_MONETARY = en_IE.UTF-8
debug1: Sending env LC_NUMERIC = en_IE.UTF-8
debug1: Sending env LC_TELEPHONE = en_IE.UTF-8
debug1: Sending env LC_IDENTIFICATION = en_IE.UTF-8
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending env LC_MEASUREMENT = en_IE.UTF-8
debug1: Sending env LC_TIME = en_IE.UTF-8
debug1: Sending env LC_NAME = en_IE.UTF-8
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0

  ****    Welcome to Gerrit Code Review    ****

  Hi Franz Geiger, you have successfully connected over SSH.

  Unfortunately, interactive shells are disabled.
  To clone a hosted Git repository, use:

  git clone ssh://jftr@code.fairphone.com:29418/REPOSITORY_NAME.git

debug1: channel 0: free: client-session, nchannels 1
Connection to code.fairphone.com closed.
Transferred: sent 4256, received 1864 bytes, in 0.2 seconds
Bytes per second: sent 26686.2, received 11687.8
debug1: Exit status 127

After comparing your and my output I’d suggest you either try to re-upload your SSH key or just create a new key-pair and try with that one.

Currently you only have one key-pair, which means it’s unlikely that there is a mismatch. I can only guess that something went wrong when uploading your key.

What does your .ssh/config say about host code.fairphone.com? I have nothing configured in my personal config file. In /etc/ssh/ssh_config on line 19 – as mentioned in the debug output – the following configuration is set:

Host *
    # ... omitting comments
    SendEnv LANG LC_*
    HashKnownHosts yes 
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials no

BTW: I suggest you add the following configuration to .ssh/config for convenience (this makes it possible to copy/paste from the build instructions without adding your username all the time):

host code.fairphone.com
    user sjjh
    port 29418

[Of course user needs to be configured to your Gerrit username, which is sjjh in @sjjh’s case only]

1 Like

Guys, sorry for the noise (again). :blush: I found the solution in @jftr’s last reply.

If SSH is not working for you with a permission error, check that the user name you tried to log on with is the same user name you use in Gerrit.
For me, my user name in Gerrit was blank, as I registered via Launchpad and there only my “full name” and my email address were transferred but not my user name. After manually setting a user name in Gerrit, it now works!

Feel free to close this thread as solved (for me). Thanks everybody for your help!

3 Likes
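
The difference between the two `ssh -v` transcripts in this thread, as an added example that is not part of any post: a shell function that reads the debug output and reports whether the server accepted an offered key for the login name. The function names, verdict labels and hint texts are assumptions made for this example; the sample lines are excerpts of the two transcripts above.

```shell
#!/bin/sh
# Added example: classify the publickey phase of an `ssh -v` transcript.
# Real use (ssh writes debug lines to stderr):
#   ssh -v -p 29418 USER@code.fairphone.com 2>&1 | diagnose_ssh_auth

# Reads a transcript on stdin and prints a one-line verdict.
diagnose_ssh_auth() {
    awk '
        /Authenticating to .* as /      { user = $NF; gsub("\047", "", user) }
        /Offering (.* )?public key: /   { offered++; key = $0
                                          sub(/.*public key: /, "", key); sub(/ .*/, "", key) }
        /Server accepts key/            { accepted++ }
        /Authentication succeeded/      { ok = 1 }
        /Permission denied \(publickey/ { denied = 1 }
        END {
            if (ok && accepted) {
                print "ACCEPTED user=" user " key=" key
            } else if (denied && offered && !accepted) {
                hint = "server accepted none of the offered keys for this login name; "
                hint = hint "check the username set in Gerrit and the public key uploaded to it"
                print "KEY_REJECTED user=" user " offered=" offered " -> " hint
            } else if (denied && !offered) {
                print "NO_KEY_OFFERED user=" user " -> no public key was offered; check ~/.ssh"
            } else {
                print "INCONCLUSIVE user=" user
            }
        }'
}

# Excerpt of the failing transcript from the first post (auth phase only).
sample_denied() { cat <<'EOF'
debug1: Authenticating to code.fairphone.com:29418 as 'sjjh'
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: /home/simon/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/simon/.ssh/id_dsa
debug1: No more authentication methods to try.
Permission denied (publickey).
EOF
}

# Excerpt of the working transcript from the reply (auth phase only).
sample_accepted() { cat <<'EOF'
debug1: Authenticating to code.fairphone.com:29418 as 'jftr'
debug1: Offering RSA public key: /home/jftr/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
EOF
}

sample_denied   | diagnose_ssh_auth
sample_accepted | diagnose_ssh_auth
```

Both transcripts negotiate the same `aes128-ctr hmac-sha1` transport and offer an RSA key; the only line that differs is the server's answer to the offer, which is what the function keys on.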