git private server error: "Permission denied (publickey)."
- by goddfree
I followed the instructions here in order to set up a private git server on my Amazon EC2 instance. However, I am having problems when trying to SSH into the git account. Specifically, I get the error "Permission denied (publickey)."
Here are the permissions of my files/folders on the EC2 server:
drwx------ 4 git git 4096 Aug 13 19:52 /home/git/
drwx------ 2 git git 4096 Aug 13 19:52 /home/git/.ssh
-rw------- 1 git git 400 Aug 13 19:51 /home/git/.ssh/authorized_keys
Here are the permissions of my files/folders on my own computer:
drwx------ 5 CYT staff 170 Aug 13 14:51 .ssh
-rw------- 1 CYT staff 1679 Aug 13 13:53 .ssh/id_rsa
-rw-r--r-- 1 CYT staff 400 Aug 13 13:53 .ssh/id_rsa.pub
-rw-r--r-- 1 CYT staff 1585 Aug 13 13:53 .ssh/known_hosts
When checking my logs in /var/log/secure, I used to get the following error message every time I tried to SSH:
Authentication refused: bad ownership or modes for file /home/git/.ssh/authorized_keys
However, after making a few permission changes, I no longer get this error message. Despite this, I am still getting the "Permission denied (publickey)." message every time I try to SSH.
The command I am using to SSH is ssh -T git@my-ip.
Here is the full log I get when I run ssh -vT [email protected]:
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to my-ip [my-ip] port 22.
debug1: Connection established.
debug1: identity file /Users/CYT/.ssh/id_rsa type -1
debug1: identity file /Users/CYT/.ssh/id_rsa-cert type -1
debug1: identity file /Users/CYT/.ssh/id_dsa type -1
debug1: identity file /Users/CYT/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr [email protected] none
debug1: kex: client->server aes128-ctr [email protected] none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 08:ad:8a:bc:ab:4d:5f:73:24:b2:78:69:46:1a:a5:5a
debug1: Host 'my-ip' is known and matches the RSA host key.
debug1: Found key in /Users/CYT/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/CYT/.ssh/id_rsa
debug1: Trying private key: /Users/CYT/.ssh/id_dsa
debug1: No more authentication methods to try.
Permission denied (publickey).
I have spent a few hours going through threads on various sites, including SO and SF, looking for a solution. It seems that the permissions for my files are all okay, but I just can't figure out the problem. Any help would be greatly appreciated.
Edit:
EEAA: Here are the outputs you requested:
$ getent passwd git
git:x:503:504::/home/git:/bin/bash
$ grep ssh ~git/.ssh/authorized_keys | wc -l
grep: /home/git/.ssh/authorized_keys: Permission denied
0
