ssh access to git-01.md.hardenedbsd.org
Created by: TommiP
Cannot access git over ssh.
There is a working tcp-connection. proof of that (this shouldn't work, just a connection test)
@~ ssh -v username@git-01.md.hardenedbsd.org
OpenSSH_7.8p1, OpenSSL 1.1.1d-freebsd 10 Sep 2019
debug1: Reading configuration data /home/xxxxxxxxx/.ssh/config
debug1: /home/xxxxxxxxx/.ssh/config line 66: Applying options for git-01.md.hardenedbsd.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to git-01.md.hardenedbsd.org [63.88.83.120] port 22.
debug1: Connection established.
debug1: identity file /usr/home/ type 0
debug1: identity file /usr/home/ type -1
debug1: Local version string SSH-2.0-OpenSSH_7.8 FreeBSD-20180909
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.8 HardenedBSD 12-STABLE
debug1: match: OpenSSH_7.8 HardenedBSD 12-STABLE pat OpenSSH* compat 0x04000000
debug1: Authenticating to git-01.md.hardenedbsd.org:22 as 'username'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Es9N9VsqbvfdnSavFb/S0/L7HtSnbCTqGFfmhGCXVB0
debug1: Host 'git-01.md.hardenedbsd.org' is known and matches the ECDSA host key.
debug1: Found key in /home/xxxxxxxxx/.ssh/known_hosts:yy
debug1: rekey after 67108864 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 67108864 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: Fssh_kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
=============================
HardenedBSD Master git Server
=============================
Please note that connections and activity to this server are logged.
This server, git-01.md.hardenedbsd.org, acts as the source-of-truth
server for the HardenedBSD repositories.
Banner last updated: 10 Feb 2020 09:32 EST
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:8zr3ii0OR4jUVWGW5np94iRlakgtVitr9wL1mExu0/M /usr/home/xxxxxxxxx/.ssh/key
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
username@git-01.md.hardenedbsd.org: Permission denied (publickey).
@~
Trying to clone anything from the git-server will result into this:
@~ git clone -v git@git-01.md.hardenedbsd.org:TommiP/hardenedbsd-ports.git
Cloning into 'hardenedbsd-ports'...
=============================
HardenedBSD Master git Server
=============================
Please note that connections and activity to this server are logged.
This server, git-01.md.hardenedbsd.org, acts as the source-of-truth
server for the HardenedBSD repositories.
Banner last updated: 10 Feb 2020 09:32 EST
Enter passphrase for key '/usr/home/xxxxxxxxx/.ssh/my_private_key___public_part_is_in_gitea_profile':
Connection closed by 63.88.83.120 port 22
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
@~
The git user seems to be correctly mapped to somewhere as trying the same with a different user leads to:
@~ git clone -v anyname@git-01.md.hardenedbsd.org:TommiP/hardenedbsd-ports.git
Cloning into 'hardenedbsd-ports'...
=============================
HardenedBSD Master git Server
=============================
Please note that connections and activity to this server are logged.
This server, git-01.md.hardenedbsd.org, acts as the source-of-truth
server for the HardenedBSD repositories.
Banner last updated: 10 Feb 2020 09:32 EST
anyname@git-01.md.hardenedbsd.org: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
@~