Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to git pull from public repo via ssh without a key?

Tags:

I have a public repo, https://github.com/rlpowell/config . I used to be able to run git pull without any ssh keys (i.e. from cron), and it work work fine, using the [email protected]:rlpowell/config.git URL (i.e. the SSH URL). This no longer works, and I've no idea why, but it does work for two of my friends.

I would like to be able to git pull a public repo without an ssh key, or at least understand why it doesn't work for me and does for other people.

Here's a friend trying my test case:

$ git clone [email protected]:rlpowell/config.git  ; cd config ; (unset SSH_AUTH_SOCK ; ssh-add -l ; git pull ) Cloning into 'config'... Warning: Permanently added the RSA host key for IP address '192.30.253.113' to the list of known hosts. remote: Counting objects: 1061, done. remote: Total 1061 (delta 0), reused 0 (delta 0), pack-reused 1061 Receiving objects: 100% (1061/1061), 544.42 KiB | 495.00 KiB/s, done. Resolving deltas: 100% (632/632), done. Checking connectivity... done. Could not open a connection to your authentication agent. Already up-to-date. 

And here's me doing exactly the same thing:

$ git clone [email protected]:rlpowell/config.git  ; cd config ; (unset SSH_AUTH_SOCK ; ssh-add -l ; git pull ) Cloning into 'config'... remote: Counting objects: 1061, done. remote: Total 1061 (delta 0), reused 0 (delta 0), pack-reused 1061 Receiving objects: 100% (1061/1061), 544.42 KiB | 0 bytes/s, done. Resolving deltas: 100% (632/632), done. Checking connectivity... done. Could not open a connection to your authentication agent. Enter passphrase for key '/home/rlpowell/.ssh/id_rsa': Permission denied (publickey). fatal: Could not read from remote repository.  Please make sure you have the correct access rights and the repository exists. 

(I hit enter at the ssh key password prompt).

In the repo, the .git/config is:

[core]         repositoryformatversion = 0         filemode = true         bare = false         logallrefupdates = true [remote "origin"]         url = [email protected]:rlpowell/config.git         fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"]         remote = origin         merge = refs/heads/master 

And git config -l is:

$ git config -l [email protected] user.name=Robin Lee Powell push.default=matching core.repositoryformatversion=0 core.filemode=true core.bare=false core.logallrefupdates=true [email protected]:rlpowell/config.git remote.origin.fetch=+refs/heads/*:refs/remotes/origin/* branch.master.remote=origin branch.master.merge=refs/heads/master 

git version is 2.5.5

strace says the thing actually running ssh is

ssh [email protected] git-upload-pack 'rlpowell/config.git' 
like image 650
rlpowell Avatar asked Jul 04 '16 08:07

rlpowell


People also ask

How do I clone a git repository without SSH key?

If you need to clone a private GitHub repository without an SSH key you can use a Personal Access Token. This can be useful in a build/deployment pipeline for example where you are using a programmatic GitHub user to clone into a temporary server or container.

Does every repo need a SSH key?

When using SSH with GitHub you'll often need to add deploy keys to the repo to allow read and write access over SSH. This can be problematic when using multiple repositories as Github won't allow the same deploy key (ssh key) to be used on multiple repositories.


2 Answers

I just tried it without key, and I confirm it cannot work (without SSH key):

$ git clone [email protected]:rlpowell/config.git Cloning into 'config'... Permission denied (publickey). fatal: Could not read from remote repository.  Please make sure you have the correct access rights and the repository exists. 

That is because GitHub won't authorize anonymous access through SSH (as opposed to https), as other git repo servers decided to do (like Gogits or go-gitea)

GitHub does mention:

SSH URLs provide access to a Git repository via SSH, a secure protocol.
To use these URLs, you must generate an SSH keypair on your computer and add the public key to your GitHub account.

(emphasis on must)

Why? (asked in 2015). While sshd can be configured to allow anonymous access, no public site would ever consider setting this up: it is too big of a security risk.

needs to work without a specific key

If you need anonymous access, you can use:

  • an https URL
  • a git URL: git://github.com/<user>/<repo>, although it uses the port 9418, which is often blocked in an enterprise environment.
like image 194
VonC Avatar answered Sep 17 '22 19:09

VonC


try run this command first :

ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no github.com 

and then git pull again.

like image 25
Denis Enrico Hasyim Avatar answered Sep 17 '22 19:09

Denis Enrico Hasyim