GitLab ssh key not working

Hello everyone , i’m facing a common issue and i have no idea what the error is , can someone help ?
(p.s : pls ignore any " ’ " in logs as i added them for new user/10 links posting criteria)

$ ssh -vvvT ‘git@gitlab.com
OpenSSH_8.1p1, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving "gitlab’.com" port 22
debug2: ssh_connect_direct
debug1: Connecting to gitlab’.com [172.65.251.78] port 22.
debug1: Connection established.
debug1: identity file /c/Users/aakkaoui/.ssh/id_rsa type -1
debug1: identity file /c/Users/aakkaoui/.ssh/id_rsa-cert type -1
debug1: identity file /c/Users/aakkaoui/.ssh/id_dsa type -1
debug1: identity file /c/Users/aakkaoui/.ssh/id_dsa-cert type -1
debug1: identity file /c/Users/aakkaoui/.ssh/id_ecdsa type -1
debug1: identity file /c/Users/aakkaoui/.ssh/id_ecdsa-cert type -1
debug1: identity file /c/Users/aakkaoui/.ssh/id_ed25519 type 3
debug1: identity file /c/Users/aakkaoui/.ssh/id_ed25519-cert type -1
debug1: identity file /c/Users/aakkaoui/.ssh/id_xmss type -1
debug1: identity file /c/Users/aakkaoui/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to gitlab’.com:22 as ‘git’
debug3: hostkeys_foreach: reading file “/c/Users/aakkaoui/.ssh/known_hosts”
debug3: record_hostkey: found key type ECDSA in file /c/Users/aakkaoui/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from gitlab’.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: ec’dsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256’,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp25’6-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly130’5@openssh.com,aes128-ctr,aes’192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: ciphers stoc: chacha20-poly’1305@openssh.com,aes128’-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: MACs ctos: umac-64-etm@‘openssh.‘com,umac-‘128-etm@openssh.com,‘hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh’.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh’.com,zlib
debug2: compression stoc: none,zlib@openssh’.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh’.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh’.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh’.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh’.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh’.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh’.com
debug2: compression stoc: none,zlib@openssh’.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256@libssh’.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh’.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh’.com MAC: compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw
debug3: hostkeys_foreach: reading file “/c/Users/aakkaoui/.ssh/known_hosts”
debug3: record_hostkey: found key type ECDSA in file /c/Users/aakkaoui/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from gitlab’.com
debug3: hostkeys_foreach: reading file “/c/Users/aakkaoui/.ssh/known_hosts”
debug3: record_hostkey: found key type ECDSA in file /c/Users/aakkaoui/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 172.65.251.78
debug1: Host ‘gitlab’.com’ is known and matches the ECDSA host key.
debug1: Found key in /c/Users/aakkaoui/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /c/Users/aakkaoui/.ssh/id_ed25519 ED25519 SHA256:NpNqi2WqaptFeJDg7zd8WZST4u+xj5Z8Uo4OSh+DFxY agent
debug1: Will attempt key: /c/Users/aakkaoui/.ssh/id_rsa
debug1: Will attempt key: /c/Users/aakkaoui/.ssh/id_dsa
debug1: Will attempt key: /c/Users/aakkaoui/.ssh/id_ecdsa
debug1: Will attempt key: /c/Users/aakkaoui/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /c/Users/aakkaoui/.ssh/id_ed25519 ED25519 SHA256:NpNqi2WqaptFeJDg7zd8WZST4u+xj5Z8Uo4OSh+DFxY agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: /c/Users/aakkaoui/.ssh/id_rsa
debug3: no such identity: /c/Users/aakkaoui/.ssh/id_rsa: No such file or directory
debug1: Trying private key: /c/Users/aakkaoui/.ssh/id_dsa
debug3: no such identity: /c/Users/aakkaoui/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /c/Users/aakkaoui/.ssh/id_ecdsa
debug3: no such identity: /c/Users/aakkaoui/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /c/Users/aakkaoui/.ssh/id_xmss
debug3: no such identity: /c/Users/aakkaoui/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
git@gitlab.com: Permission denied (publickey).

Hi,

your client doesn’t offer an SSH key, the automated lookup fails. You might want to configure a different path in your local .ssh/config file, or for testing, pass it via the -i parameter.

Also, please note that you will be logged out immediately after a successful SSH login attempt as the git shell is not a real unix shell.

See my test:

ssh git@gitlab.com
The authenticity of host 'gitlab.com (2606:4700:90:0:f22e:fbec:5bed:a9b9)' can't be established.
ECDSA key fingerprint is SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'gitlab.com,2606:4700:90:0:f22e:fbec:5bed:a9b9' (ECDSA) to the list of known hosts.
PTY allocation request failed on channel 0
Welcome to GitLab, @dnsmichi!
Connection to gitlab.com closed.

Cheers,
Michael

hi @dnsmichi , i had a different log now , kindly guide me through this please :

$ ssh -vvvT git@gitlab.com
OpenSSH_8.1p1, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /c/Users/aakkaoui/.ssh/config
debug1: /c/Users/aakkaoui/.ssh/config line 1: Applying options for gitlab’.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving “gitlab’.com” port 22
debug2: ssh_connect_direct
debug1: Connecting to gitlab’.com [172.65.251.78] port 22.
debug1: Connection established.
debug1: identity file /c/Users/aakkaoui/.ssh/id_ed25519 type 3
debug1: identity file /c/Users/aakkaoui/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to gitlab’.com:22 as ‘git’
debug3: hostkeys_foreach: reading file “/c/Users/aakkaoui/.ssh/known_hosts”
debug3: record_hostkey: found key type ECDSA in file /c/Users/aakkaoui/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from gitlab’.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh’.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh’.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh’.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh’.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh’.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: MACs ctos: umac-64-etm@openssh’.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh’.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh’.com,zlib
debug2: compression stoc: none,zlib@openssh’.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh’.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh’.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh’.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh’.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh’.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh’.com
debug2: compression stoc: none,zlib@openssh’.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256@libssh’.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh’.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh’.com MAC: compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw
debug3: hostkeys_foreach: reading file “/c/Users/aakkaoui/.ssh/known_hosts”
debug3: record_hostkey: found key type ECDSA in file /c/Users/aakkaoui/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from gitlab’.com
debug3: hostkeys_foreach: reading file “/c/Users/aakkaoui/.ssh/known_hosts”
debug3: record_hostkey: found key type ECDSA in file /c/Users/aakkaoui/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 172.65.251.78
debug1: Host ‘gitlab’.com’ is known and matches the ECDSA host key.
debug1: Found key in /c/Users/aakkaoui/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /c/Users/aakkaoui/.ssh/id_ed25519 ED25519 SHA256:NpNqi2WqaptFeJDg7zd8WZST4u+xj5Z8Uo4OSh+DFxY explicit agent
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred:
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /c/Users/aakkaoui/.ssh/id_ed25519 ED25519 SHA256:NpNqi2WqaptFeJDg7zd8WZST4u+xj5Z8Uo4OSh+DFxY explicit agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
git@gitlab.com: Permission denied (publickey).

Hi,

seems the key pair is loaded.

debug1: identity file /c/Users/aakkaoui/.ssh/id_ed25519 type 3

Still on the server side (in your GitLab profile that is) the SSH key is unknown. Please share a screenshot of your SSH keys settings - did you add the key there as suggested by the docs?

Cheers,
Michael

Hi , here it is :

I don’t know why this problem is occurring on my laptop , my other PCs don’t have this issue at all …
the difference between this laptop and other PCs , is that the former has an enterprise created account , so i’m not the owner of the repository nor the creator of the gitlab account , the admins handed it to me. Does that change anything ? knowing that i’m able of contributing to the repo …

Hi,

your description is a little confusing, I cannot really follow where things work or rather not.

Your user account is the holder of the SSH key which is then made available to the generic git user on gitlab.com.

Please try the following:

• Create a public project on your account on gitlab.com
• Extract the SSH clone URL
• Run git clone git@gitlab.com:USERNAME/PROJECTNAME.git on the CLI and share its output.
• If it is forbidden, add verbose levels

Cheers,
Michael

Hi , as i said , the account was created for me by my corporation’s admins ,therefore I can’t create a public repository :

As for the git clone command :

Thank you @dnsmichi for the response.

Best regards

Hi,

since we started this topic, you have been testing gitlab.com

But this screenshot says that this is a corporate self-hosted server in a custom domain. Also, it uses a different port (2224) instead of the default 22.

So I am curious … which test is the one we should be looking at?

Cheers,
Michael

Thank you @dnsmichi and sorry for any trouble , i’ll resolve the issue with the administrators .