Level 50
Hi,
One thing I can think of is that you are ommiting
ssh-rsa
part and pasting it without it?
On the other hand, you definately do it right on forge, maybe you are pasting the key incorrectly?
Hope it helps!
1 like
Aug 15, 2018
2
Level 1
unable to ssh into server using terminal (mac) with .ssh/id_rsa added to ssh keys
I know this question has been asked before here : https://laracasts.com/discuss/channels/forge/how-to-ssh-in-forge
But the advice on that thread doesn't appear to be working in my experience. Here what I have done to ssh into my machine:
- [on my mac] $ cat ~/.ssh/id_rsa.pub to get my public ssh key from my computer
- [on my mac] $ ssh-add ~/.ssh/id_rsa //probably not needed but just to make sure
- Pasted the output to the add key dialog at https://forge.laravel.com/servers/[server_id]/keys
- [on my mac] $ ssh forge@[server_ip] results in identity_sign: private key /Users/me/.ssh/id_rsa contents do not match public forge@[server_ip]: Permission denied (publickey).
[on my mac] $ ssh forge@[server_ip] -v
results in
debug1: Reading configuration data /Users/me/.ssh/config
debug1: /Users/me/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to [server ip] port 22.
debug1: Connection established.
debug1: identity file /Users/me/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4
debug1: match: OpenSSH_7.6p1 Ubuntu-4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to [server ip]:22 as 'forge'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:[key]
debug1: Host '[server ip]' is known and matches the ECDSA host key.
debug1: Found key in /Users/me/.ssh/known_hosts:9
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:[key] /Users/me/.ssh/id_rsa
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug1: identity added to agent: /Users/me/.ssh/id_rsa
identity_sign: private key /Users/me/.ssh/id_rsa contents do not match public
debug1: No more authentication methods to try.
forge@[server ip]: Permission denied (publickey).
Level 1
Thank you for your help. I wrote a long answer to this question but I got logged out before I could post.
Anyway. I got it working.
I tested my existing public key on another aws server I had a private key for and the public key didn't work there either. So there was something wrong on my end. So I generated a new key using the steps here : https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/
Once I did that, I was able to log in to the other aws server after adding it to the ~/.ssh/authorized_keys.
I then added it to the ssh form in forge and was able to log into the forge server without issue!
One thing I did notice was that the new key was substantially longer than the previous on. I don't know if that was the cause but the working key was generated with 4096 bits
2 likes
Please or to participate in this conversation.