
How do you keep SourceTree/SSH from forgetting your SSH keys? (I have to manually re-run 'ssh-add' to get it to work again!)

UPDATE - It happened AGAIN!!!

Ok, so this just happened AGAIN! MAN is this frustrating!!! But this time I dug a little deeper and found that for some reason, my private keys were unloaded.

Specifically, when I call this...

ssh-add -l -E md5

I get this...

The agent has no identities.

However, if I then run this...

ssh-add /Users/[username]/.ssh/[private key]

Everything works again! SourceTree connects just as it's supposed to.

The question is why do I have to keep running the 'ssh-add' command?! Why does it keep forgetting my keys?!

As mentioned elsewhere, not sure if this makes a difference, but I'm running a MacBook Pro with High Sierra, although this happens on Sierra too.

Original Post:

This one has me both stumped, and annoyed as heck!! SourceTree (or ssh or something!) keeps forgetting/not applying/ignoring my SSH keys every day! I don't know why.

Note: Updated to use BitBucket's info instead of GitHub.

Here's the relevant portion of my current config file

# --- Sourcetree Generated ---
Host MarqueIV-Bitbucket
    HostName bitbucket.org
    User MarqueIV
    PreferredAuthentications publickey
    IdentityFile /Users/MarqueIV/.ssh/MarqueIV-Bitbucket
    UseKeychain yes
    AddKeysToAgent yes
# ----------------------------

Here's a 'ls' of my ~/.ssh folder (truncated)

-rw-r--r--@ 1 MarqueIV  staff   421 Dec 14 11:25 config
-rw-r--r--@ 1 MarqueIV  staff  1808 Dec  9 14:20 known_hosts
-rw-------  1 MarqueIV  staff  3243 Dec  6 23:33 MarqueIV-Bitbucket
-rw-r--r--  1 MarqueIV  staff   781 Dec  6 23:33 MarqueIV-Bitbucket.pub

Here's my known_hosts file (keys redacted)

bitbucket.org,104.192.143.3 ssh-rsa [redacted]
bitbucket.com,104.192.143.9 ssh-rsa [redacted]
104.192.143.2 ssh-rsa [redacted]

Note: Not sure if this matters, but you can see lines 1 and 2 seem to be duplicates.

And here's the output of ssh -Tv git@bitbucket.org

OpenSSH_7.6p1, LibreSSL 2.6.2
debug1: Reading configuration data /Users/MarqueIV/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to bitbucket.org port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /Users/MarqueIV/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/MarqueIV/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/MarqueIV/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/MarqueIV/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/MarqueIV/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/MarqueIV/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/MarqueIV/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/MarqueIV/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6
debug1: Remote protocol version 2.0, remote software version conker_1.0.315-a08d059 app-153
debug1: no match: conker_1.0.315-a08d059 app-153
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /Users/MarqueIV/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:h+6zCXg32Uw4fYxSUMwYst3zee8RFb9Z47H1QUTz58E /Users/MarqueIV/.ssh/MarqueIV-GitHub
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/MarqueIV/.ssh/id_rsa
debug1: Trying private key: /Users/MarqueIV/.ssh/id_dsa
debug1: Trying private key: /Users/MarqueIV/.ssh/id_ecdsa
debug1: Trying private key: /Users/MarqueIV/.ssh/id_ed25519
debug1: No more authentication methods to try.
git@bitbucket.org: Permission denied (publickey).

See how it doesn't appear to be applying the key defined in config and known_hosts? Seems like that would be a problem, no?

Note: I'm using macOS Sierra, and I have updated my path to include /usr/bin before /usr/local/bin as outlined here. If I don't do that, I get an error saying ssh doesn't recognize UseKeychain yes in the config.

As a result, almost daily here's the routine I have to go through. I'll use GitHub as my example.

  1. I open SourceTree and try to pull the latest from GitHub. It fails with a 'git@github.com: Permission denied (publickey).' message.

  2. I remove my GitHub account from SourceTree.

  3. I delete both the public and private keys for GitHub from the .ssh folder on my machine.

  4. I go to GitHub and delete my old public key from my account.

  5. Back in SourceTree, I log into GitHub again using my username and password.

  6. Once logged in, using SourceTree, I generate a new SSH key-pair for GitHub.

  7. I copy my public key to the SSH area in my GitHub account. (Sometimes I notice it adds it for me, but I like to be safe and double-check.)

  8. Now I can push and pull again just fine.

I go home for the day and log on at home. It fails again. Repeat all of the steps above.

How do I get SourceTree/ssh/whatever to remember my da*n keys so I don't have to keep doing this every time I change locations?! What step am I missing???

So can anyone offer suggestions on how to make my SSH keys 'stick'?

asked Dec 14 '17 01:12

Mark A. Donohoe


1 Answer

First, install the latest Git for Windows release (the 2.15.1.2 one, by simply uncompressing the archive PortableGit-2.15.1.2-64-bit.7z.exe anywhere you want, and adding it to your PATH)

Second, make sure your SourceTree is using the System Git

Third, test in command-line if your ssh key is recognized:

ssh -T git@github.com

Hi username! You've successfully authenticated, 
but GitHub does not provide shell access.

Finally, make sure that SourceTree / Tools / Option uses the OpenSSH one as SSH client (not PuTTY)

Then SourceTree should have no problem reusing your ssh key.


From your logs, the generated ~/.ssh/config is wrong: it mentions your username as User.
Whenever you establish an SSH connection to github.com/bitbucket.org, it is never as "you". It is always as git.

Host MarqueIV-Bitbucket
    HostName bitbucket.org
    # Connect as git, not as your own account name
    User git
    PreferredAuthentications publickey
    IdentityFile /Users/MarqueIV/.ssh/MarqueIV-Bitbucket
    UseKeychain yes
    AddKeysToAgent yes

Test it with ssh -Tv MarqueIV-Bitbucket

answered Sep 23 '22 07:09

VonC
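
The following is an added example, not code from either post: a simplified Python model of how ssh picks `Host` blocks, run over the config quoted in the question. It shows why `ssh -Tv git@bitbucket.org` never sees the `IdentityFile` (the block is keyed on the alias `MarqueIV-Bitbucket`, not on `bitbucket.org`) and flags the `User` value the answer points out. The function names and the `GIT_HOSTS` set are assumptions made for illustration; on a real machine `ssh -G <target>` prints what the client actually resolves.

```python
import fnmatch

# Constructed sample: the SourceTree-generated Host block quoted in the question.
SAMPLE_CONFIG = """\
Host MarqueIV-Bitbucket
    HostName bitbucket.org
    User MarqueIV
    PreferredAuthentications publickey
    IdentityFile /Users/MarqueIV/.ssh/MarqueIV-Bitbucket
    UseKeychain yes
    AddKeysToAgent yes
"""
GIT_HOSTS = {"bitbucket.org", "github.com"}  # reached as user "git", per the answer

def _matches(name, patterns):
    """Host-pattern match with * ? wildcards and !negation, compared in lower case."""
    hits = [p for p in patterns if fnmatch.fnmatchcase(name.lower(), p.lstrip("!").lower())]
    return bool(hits) and not any(p.startswith("!") for p in hits)

def effective_options(config_text, target):
    """Options applied for `ssh <target>` (simplified: no Match, Include or Key=Value)."""
    cli_user, _, name = target.rpartition("@")
    opts, applies = {}, True  # lines before the first Host apply to every target
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "host":
            applies = _matches(name, value.split())
        elif applies and key == "identityfile":
            opts.setdefault(key, []).append(value)  # IdentityFile entries accumulate
        elif applies:
            opts.setdefault(key, value)  # first obtained value wins
    if cli_user:
        opts["user"] = cli_user  # user@ on the command line overrides User
    return opts

def audit(config_text, target):
    """Findings that explain a 'Permission denied (publickey)' for this target."""
    opts = effective_options(config_text, target)
    host = opts.get("hostname", target.rpartition("@")[2])
    findings = []
    if "identityfile" not in opts:
        findings.append("no IdentityFile applies; only agent keys and ~/.ssh/id_* are tried")
    if host in GIT_HOSTS and opts.get("user") != "git":
        findings.append(f"User is {opts.get('user')!r}; {host} expects 'git'")
    return findings
```

Calling `audit(SAMPLE_CONFIG, "git@bitbucket.org")` reports that no `IdentityFile` applies, which matches the debug log in the question; calling it with the alias `MarqueIV-Bitbucket` reports only the `User` mismatch.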