Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can't access AWS CodeCommit with SSH

Tags:

git

ssh

aws-codecommit

Having an incredibly difficult time figuring out how to get AWS CodeCommit to work with standard SSH authentication. Seen another topic like this but no answer and I'm not allowed to comment yet. This is on Windows using Git Bash.

Repro Steps

  1. Created IAM user with full permissions (AwsAdministrator)
  2. From Git Bash in ~/.ssh
  3. "cat id_rsa.pub" and copy output to clipboard
  4. In IAM console, click button to add SSH key and paste into the input field. Click Save.
  5. Attempt to access a CodeCommit repo (in this case trying to push) and get "Permission denied".

Git + SSH output

This is what I get from SSH with DEBUG3 logging:

debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/Dan/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug2: input_userauth_pk_ok: fp SHA256:<omitted>
debug3: sign_and_send_pubkey: RSA SHA256:<same-as-above>
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
fatal: Could not read from remote repository.

For comparison this is what I get using the exact same SSH keys to GitHub:

debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/Dan/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug2: input_userauth_pk_ok: fp SHA256:<same-as-above>
debug3: sign_and_send_pubkey: RSA SHA256:<same-as-above>
debug1: Authentication succeeded (publickey).
Authenticated to github.com ([192.30.252.130]:22).

The above output was from running a normal git command such as git push origin master with ssh debug logging enabled in .ssh/config:

Host git-codecommit.us-east-1.amazonaws.com
  LogLevel DEBUG3

Host github.com
  LogLevel DEBUG3
like image 312
Dan Avatar asked Jan 03 '16 19:01

Dan

People also ask

How do I access my AWS CodeCommit?

To connect to a CodeCommit repositoryOpen the CodeCommit console at https://console.aws.amazon.com/codesuite/codecommit/home . In the region selector, choose the AWS Region where the repository was created. Repositories are specific to an AWS Region. For more information, see Regions and Git connection endpoints.

How do I get SSH key for CodeCommit?

In the IAM console, in the navigation pane, choose Users, and from the list of users, choose your IAM user. On the user details page, choose the Security Credentials tab, and then choose Upload SSH public key. Paste the contents of your SSH public key into the field, and then choose Upload SSH public key.

What ports should I open in my firewall for access to AWS CodeCommit?

Q: What ports should I open in my firewall for access to AWS CodeCommit? You will have to open outbound access to an AWS CodeCommit service endpoint on port 22 (SSH) or port 443 (HTTPS).

1 Answers

It looks like you missed a step in setting up SSH. You need to add this information to your .ssh/config file:

Host git-codecommit.us-east-1.amazonaws.com
   User Your-SSH-Key-ID, such as APKAEIBAERJR2EXAMPLE
   IdentityFile Your-Private-Key-File, such as ~/.ssh/codecommit_rsa or ~/.ssh/id_rsa

You can get Your-SSH-Key-ID from the IAM console.

like image 52
Wade Matveyenko Avatar answered Sep 19 '22 13:09

Wade Matveyenko
Sign in to Comment

Related questions

Is it possible to use GitHub Desktop application to commit to Bitbucket repository?
GIT: how to merge two branches without actually merging files (trivial merge)
How to include files in .gcloudignore that are ignored in .gitignore
Git: removing a file from being versioned, but not deleting it
Git: duplicate commits after local rebase, then pull
changing the git structure
How to add additional parents to old git commits?
git-credential-winstore prompt does not work with self hosted repositories
Migrate from tfs to git on visualstudio.com
Raspberry Pi and GitLab
Git in PHPstorm: Unstage files from Git (remove uncommited files from stage)
can I save space in a git repo by squashing commits?
How do I exit my git commit message? I'm NOT in the VIM, I used the " commit -m " command
Git push only for bare repositories?
How do you cancel an external git diff?
Get new upstream branch with git
Why is git core.preloadindex default value false?
Implementing TFS Pull Requests
What does it mean when it says a git step is "1 ahead"
How can I ignore big files and push to git repo

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!