Permission denied (publickey,password) adding a Git repository

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

問題

When adding a Git repository to Fisheye using the SSH protocol, testing the connection throws the following error in the UI:

atlassian-fisheye-<date>.log: に次のログが記録されます。

2016-04-01 15:00:00,000 ERROR [qtp1864387098-21099 ection-1459537718527] fisheye RepositoryAdminRpcServiceImpl-testRepositoryConnection - Error testing connection.
com.atlassian.fisheye.spi.admin.services.RepositoryConfigException: com.cenqua.fisheye.config.ConfigException: Error talking to repository: 
    
    Permission denied (publickey,password).
    fatal: Could not read from remote repository.
    
    Please make sure you have the correct access rights
    and the repository exists.
    
    at com.atlassian.fisheye.spi.admin.impl.DefaultRepositoryAdminService.testConnectionFor(DefaultRepositoryAdminService.java:864) [fisheye.jar:?]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [?:1.8.0_74]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [?:1.8.0_74]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [?:1.8.0_74]
    at java.lang.reflect.Method.invoke(Method.java:498) [?:1.8.0_74]
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) [spring-aop-4.0.9.RELEASE.jar:4.0.9.RELEASE]
    ...
    at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) [jetty-server-8.1.10.v20130312.jar:8.1.10.v20130312]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:628) [jetty-io-8.1.10.v20130312.jar:8.1.10.v20130312]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) [jetty-io-8.1.10.v20130312.jar:8.1.10.v20130312]
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) [jetty-util-8.1.10.v20130312.jar:8.1.10.v20130312]
    at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) [jetty-util-8.1.10.v20130312.jar:8.1.10.v20130312]
    at java.lang.Thread.run(Thread.java:745) [?:1.8.0_74]
Caused by: com.cenqua.fisheye.config.ConfigException: Error talking to repository: 
    
    Permission denied (publickey,password).
    fatal: Could not read from remote repository.
    
    Please make sure you have the correct access rights
    and the repository exists.
    
    at com.atlassian.fisheye.git.GitScmConfig.testConnection(GitScmConfig.java:120) [fisheye.jar:?]
    at com.cenqua.fisheye.RepositoryConfig.testConnection(RepositoryConfig.java:428) [fisheye.jar:?]
    at com.atlassian.fisheye.spi.admin.impl.DefaultRepositoryAdminService.testConnectionFor(DefaultRepositoryAdminService.java:862) [fisheye.jar:?]
    ... 179 more

診断

診断ステップ

  • When having a key pair generated by Fisheye, make sure the public key generated is added to the ~/.ssh/authorized_keys file of the user running Fisheye.
  • From a command line, logged in as the user running Fisheye, test the SSH connection outside Fisheye:

    ssh -Tv <username>@<hostname>
    

    In the command above, replace username by the name of the user that accesses the Git repository, and hostname by the hostname of the server in which the Git repository resides.
    You may get an output, among which you may see the following regarding the authentication being performed:

    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Trying private key: /home/user/.ssh/id_rsa
    debug1: Trying private key: /home/user/.ssh/id_dsa
    debug1: Next authentication method: password
    <username>@<hostname>'s password:
    debug1: Authentication succeeded (password).

原因

If only the password authentication succeeded, this indicates that the authentication using the public key failed.

This topic suggested checking at the Git server's /var/log/auth.log file, which could give an idea of what's happening. For this occurrence, we found an entry similar as the following:

Sep 14 01:26:31 new-server sshd[22107]: Authentication refused: bad ownership or modes for directory /home/user/.ssh
Sep 14 01:26:46 new-server sshd[22108]: Connection closed by 98.76.54.32

The entry above was showing up both for the ~/.ssh directory and for the ~/.ssh/authorized_keys file. As explained by this article, SSH doesn’t like it if your home or ~/.ssh directories have group write permissions. Your home directory should be writable only by you, ~/.ssh should be 700, and authorized_keys should be 600.

ソリューション

Adjust the permissions on the referenced directory and file, as follows:

chmod 700 /home/user/.ssh
chmod 600 /home/user/.ssh/authorized_keys

最終更新日 2018 年 7 月 31 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.