Why doesn't my SSH key work for connecting to github?

Question

Note: I'm not a newb, and I've done this a gazillion times, but for some reason today it decided not to work.

I keep getting the Permission denied (publickey). error message when trying to connect to github via SSH or when trying to clone a repo, even after remaking the ssh key and adding it to "SSH Keys" in my account.

This is what I tried to do ten times today without success:

1. make a key with ssh-keygen.
2. open ~/.ssh/id_rsa.pub with Gedit or Notepad++ and copy the contents.
3. Go to account settings on github.com
4. Go to SSH Keys
5. Click on the Add Key button.
6. give the key a title
7. paste the key into the key box.
8. Save the key (enter my github password to verify).

And now, when I try doing ssh github.com it just won't work.... What in the world? Am I just too tired right now or am I missing something?

Here's the output from ssh -vvv github.com

OpenSSH_5.9p1, OpenSSL 1.0.0f 4 Jan 2012 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to github.com [207.97.227.239] port 22. debug1: Connection established. debug3: Incorrect RSA1 identifier debug3: Could not load "/home/trusktr/.ssh/id_rsa" as a RSA1 public key debug1: identity file /home/trusktr/.ssh/id_rsa type 1 debug1: identity file /home/trusktr/.ssh/id_rsa-cert type -1 debug1: identity file /home/trusktr/.ssh/id_dsa type -1 debug1: identity file /home/trusktr/.ssh/id_dsa-cert type -1 debug1: identity file /home/trusktr/.ssh/id_ecdsa type -1 debug1: identity file /home/trusktr/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5github2 debug1: match: OpenSSH_5.1p1 Debian-5github2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "github.com" from file "/home/trusktr/.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /home/trusktr/.ssh/known_hosts:16 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit:  debug2: kex_parse_kexinit:  debug2: kex_parse_kexinit: first_kex_follows 0  debug2: kex_parse_kexinit: reserved 0  debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit:  debug2: kex_parse_kexinit:  debug2: kex_parse_kexinit: first_kex_follows 0  debug2: kex_parse_kexinit: reserved 0  debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 122/256 debug2: bits set: 510/1024 d    ebug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48 debug3: load_hostkeys: loading entries for host "github.com" from file "/home/trusktr/.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /home/trusktr/.ssh/known_hosts:16 debug3: load_hostkeys: loaded 1 keys debug3: load_hostkeys: loading entries for host "207.97.227.239" from file "/home/trusktr/.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /home/trusktr/.ssh/known_hosts:16 debug3: load_hostkeys: loaded 1 keys debug1: Host 'github.com' is known and matches the RSA host key. debug1: Found key in /home/trusktr/.ssh/known_hosts:16 debug2: bits set: 497/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/trusktr/.ssh/id_rsa (0x14cce60) debug2: key: trusktr@rocketship (0x14ce2b0) debug2: key: /home/trusktr/.ssh/id_dsa ((nil)) debug2: key: /home/trusktr/.ssh/id_ecdsa ((nil)) debug1: Authentications that can continue: publickey debug3: start over, passed a different list publickey debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/trusktr/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey debug1: Offering RSA public key: trusktr@rocketship debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey debug1: Trying private key: /home/trusktr/.ssh/id_dsa debug3: no such identity: /home/trusktr/.ssh/id_dsa debug1: Trying private key: /home/trusktr/.ssh/id_ecdsa debug3: no such identity: /home/trusktr/.ssh/id_ecdsa debug2: we did not send a packet, disable method debug1: No more authentication methods to try. Permission denied (publickey). 

Answer 1

The GitHub ssh setup mentions testing your GitHub connection with:

$ ssh -T [email protected] 

That follow the ssh uri syntax (also illustrated in "this answer").

But you did:

ssh github.com 

(without any user). In that case, ssh reverts to the SCP syntax, which relies on a ~/.ssh/config file, with a section "github.com", to list:

• the user
• the hostname
• (and optionally the public key location, but by default it will try ~/.ssh/id_rsa.pub)

To change it to a regular SSH URL, don't edit directly your .git/config file, as shown below.
Use the command git remote set-url:

git remote set-url origin [email protected]:username/repo.git 

Answer 2

I had a similar problem, github did not use my SSH key. I always had to enter my username and password.

I've been looking at .git/config, under [remote "origin"] there was:

    url = http://github.com/path/to/repository 

or

    url = https://github.com/path/to/repository 

I changed the line into

    url = ssh://[email protected]/path/to/repository 

and then it worked.