Reputation: 6378
Unable to push git repo to Heroku, despite valid SSH keys
There are lots of stack articles citing the same error message as I am getting.
I went through the entire heroku setup doc on another computer and everything worked perfectly. Not sure why this one is not working, but I need it to.
When I run:
> git push -v heroku master
Pushing to [email protected]:lit-tor-7969.git
Permission denied (publickey).
fatal: The remote end hung up unexpectedly
All of the solutions on Stack involve reseting the ssh keys, and I believe the ssh keys are fine. I am on Mac OSX and have run:
heroku keys:clear
heroku keys:add
So it looks to me like the git is using /Users/bishopz/.ssh keys rather than the keys I generated manually inside the repository folder.
In addition to the answers below, this article seems to be providing a lot of insight: Cannot push to Heroku because key fingerprint
I tried completely removing the .ssh directory. I ran
heroku keys:clear
ssh-add -D #to remove all ssh identities
ssh-keygen -t rsa -C "[email protected]" -f ~/.ssh/id_rsa_heroku
ssh-add ~/.ssh/id_rsa_heroku
heroku keys:add ~/.ssh/id_rsa_heroku.pub
git push heroku master
and now get:
! Your key with fingerprint 27:5f:64:4e:2e:f0:41:5b:62:a9:95:d2:02:df:27:85 is not authorized to access lit-tor-7969.
fatal: The remote end hung up unexpectedly
The response to
ssh -vvv [email protected]
is now:
debug1: Host 'heroku.com' is known and matches the RSA host key.
debug1: Found key in /Users/bishopz/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: Offering RSA public key: /Users/bishopz/.ssh/id_rsa_heroku
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to heroku.com ([50.19.85.132]:22).
Any help appreciated, I'll start a new bounty if someone can post an answer that works for me.
Upvotes: 7
Views: 4772
Answers (4)
Reputation: 6378
Okay, I was able to solve it. Several of these answers were helpful. It seem that two things had happened.
First, based on this article the ssh keys had gotten confused. This was resolved by deleting the .ssh directory (of course this removed all the credentials for other things that use .ssh, but those can be recreated later):
heroku keys:clear
ssh-add -D #to remove all ssh identities
ssh-keygen -t rsa -C "[email protected]" -f ~/.ssh/id_rsa_heroku
ssh-add ~/.ssh/id_rsa_heroku
heroku keys:add ~/.ssh/id_rsa_heroku.pub
Secondly, based on an answer to this article the app name had somehow changed during the process of troubleshooting the ssh keys. The app name had to be manually edited in /repository_folder/.git/config
To get the correct app name I logged into heroku.com on the web and then updated the config file:
it's contains
[remote "heroku"]
url = [email protected]:my_new_app_name.git
fetch = +refs/heads/*:refs/remotes/heroku/*
Thanks to all that posted suggestions! I am so happy to finally be on my way to a new app!
--UPDATE--
I have to rerun this command every time I reboot the computer. I can add it my .profile or whatever, but thought it was worth a note.
Upvotes: 4
Reputation: 26555
This question is not really about git than about ssh. :)
Heroku uses git which uses ssh which allows only authentication by publickey. (But I think that is already clear.)
heroku keys:add will send the public key to heroku. Unless you specify an explicit key it will use ~/.ssh/id_[rd]sa.pub.
To authenticate successfully you need to present the matching private key. Unless specified otherwise ssh will use ~/.ssh/id_[rd]sa, but it will refuse to read it if permissions are too loose. (See man ssh section FILES for details.)
An easy way to check whether the permissions are fine is to add the key to the agent:
ssh-add ~/.ssh/id_[rd]sa
This should either add the key to the agent (verify with ssh-add -L) or complain about wrong permissions. (In case no agent is running in the first place, you can start one with 'ssh-agent bash'.)
After adding the key to the agent, the agent will take care of authentication and also your git should be able to connect without problems. :)
Upvotes: 7
Reputation: 1876
Depending on your setup. you might have a config file in your ~/.ssh/ directory that sets which file to be used as public key to use when pushing to heruko.
example (~/.ssh/config):
Host 127.0.0.1 #Use Heroku's IP
IdentityFile ~/.ssh/use_this_key
So if that is the case, then change the settings in the ~/.ssh/config file
Cheers
Upvotes: 2
Reputation: 1329292
The permissions on both the
.sshdirectory and the repository directory are 555
What counts for ssh connections are the group and other permissions of:
/home/user/.ssh/home/user/home
(replace /home/user by the actual path of your home directory)
The idea is that group and other attribute permission for .ssh and all its parent directories must not be writable.
555 is fine for .ssh, although 700 is recommended.
Check its parent directories: 755 or 555 all the way up to / (no '2', '3' or '6', indicating a writable directory for group or other).
Upvotes: 0
Related Questions
- Cannot push to Heroku because key fingerprint
- Cannot push git to remote repository: (SSH error)
- Cannot 'git push' to Heroku
- Heroku 'Permission denied (publickey) fatal: Could not read from remote repository' woes
- Heroku - Uploading SSH public key failed
- git push heroku master Permission denied (publickey)
- git clone fails for Heroku project
- git push heroku master fails because key is not authorized
- Deploy an app to heroku fail because of key not authorized
- Heroku key not accepted