How to git pull from public repo via ssh without a key?

Question

I have a public repo, https://github.com/rlpowell/config . I used to be able to run git pull without any ssh keys (i.e. from cron), and it work work fine, using the git@github.com:rlpowell/config.git URL (i.e. the SSH URL). This no longer works, and I've no idea why, but it does work for two of my friends.

I would like to be able to git pull a public repo without an ssh key, or at least understand why it doesn't work for me and does for other people.

Here's a friend trying my test case:

$ git clone git@github.com:rlpowell/config.git  ; cd config ; (unset SSH_AUTH_SOCK ; ssh-add -l ; git pull )
Cloning into 'config'...
Warning: Permanently added the RSA host key for IP address '192.30.253.113' to the list of known hosts.
remote: Counting objects: 1061, done.
remote: Total 1061 (delta 0), reused 0 (delta 0), pack-reused 1061
Receiving objects: 100% (1061/1061), 544.42 KiB | 495.00 KiB/s, done.
Resolving deltas: 100% (632/632), done.
Checking connectivity... done.
Could not open a connection to your authentication agent.
Already up-to-date.

And here's me doing exactly the same thing:

$ git clone git@github.com:rlpowell/config.git  ; cd config ; (unset SSH_AUTH_SOCK ; ssh-add -l ; git pull )
Cloning into 'config'...
remote: Counting objects: 1061, done.
remote: Total 1061 (delta 0), reused 0 (delta 0), pack-reused 1061
Receiving objects: 100% (1061/1061), 544.42 KiB | 0 bytes/s, done.
Resolving deltas: 100% (632/632), done.
Checking connectivity... done.
Could not open a connection to your authentication agent.
Enter passphrase for key '/home/rlpowell/.ssh/id_rsa':
Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

(I hit enter at the ssh key password prompt).

In the repo, the .git/config is:

[core]
        repositoryformatversion = 0
        filemode = true
        bare = false
        logallrefupdates = true
[remote "origin"]
        url = git@github.com:rlpowell/config.git
        fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
        remote = origin
        merge = refs/heads/master

And git config -l is:

$ git config -l
user.email=rlpowell@digitalkingdom.org
user.name=Robin Lee Powell
push.default=matching
core.repositoryformatversion=0
core.filemode=true
core.bare=false
core.logallrefupdates=true
remote.origin.url=git@github.com:rlpowell/config.git
remote.origin.fetch=+refs/heads/*:refs/remotes/origin/*
branch.master.remote=origin
branch.master.merge=refs/heads/master

git version is 2.5.5

strace says the thing actually running ssh is

ssh git@github.com git-upload-pack 'rlpowell/config.git'

Answer 1

Others have mentioned that you can use https for fetching data without authentication (for public github repos). But that is obviously a problem when you want to push data occasionally too (for which you need authentication).

What you may want is to use unauthenticated https URL for fetching data, and authenticated ssh URL for pushing data - and both git and github support that, i.e.:

[remote "origin"]
        url = https://github.com/rlpowell/config.git
        pushurl = git@github.com:rlpowell/config.git
        fetch = +refs/heads/*:refs/remotes/origin/*

you can also change and verify it from command line:

% git remote set-url origin https://github.com/rlpowell/config.git
% git remote set-url origin --push git@github.com:rlpowell/config.git

% git remote -v
origin  https://github.com/rlpowell/config.git (fetch)
origin  git@github.com:rlpowell/config.git (push)

After that, git pull won't be asking for authentication, but git push will

(taken from this answer)

Answer 2

I just tried it without key, and I confirm it cannot work (without SSH key):

$ git clone git@github.com:rlpowell/config.git
Cloning into 'config'...
Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

That is because GitHub won't authorize anonymous access through SSH (as opposed to https), as other git repo servers decided to do (like Gogits or go-gitea)

GitHub does mention:

SSH URLs provide access to a Git repository via SSH, a secure protocol.
To use these URLs, you must generate an SSH keypair on your computer and add the public key to your GitHub account.

(emphasis on must)

Why? (asked in 2015). While sshd can be configured to allow anonymous access, no public site would ever consider setting this up: it is too big of a security risk.

needs to work without a specific key

If you need anonymous access, you can use:

• an https URL
• a git URL: git://github.com/<user>/<repo>, although it uses the port 9418, which is often blocked in an enterprise environment.

Answer 3

I think you can't do this using SSH. Here is a good explanation:

GitHub protocol comparison

If you want to clone and pull the stuff without any key use HTTP(S).

So with

git clone http://github.com/rlpowell/config.git
Klone nach 'config' ...
warning: Leite nach https://github.com/rlpowell/config.git/ um
remote: Counting objects: 1234, done.
remote: Total 1234 (delta 0), reused 0 (delta 0), pack-reused 1234
Empfange Objekte: 100% (1234/1234), 2.01 MiB | 1.07 MiB/s, Fertig.
Löse Unterschiede auf: 100% (758/758), Fertig.

the ".git/config" will look like this:

[core]
    repositoryformatversion = 0
    filemode = true
    bare = false
    logallrefupdates = true
[remote "origin"]
    url = http://github.com/rlpowell/config.git
    fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
    remote = origin
    merge = refs/heads/master

You can change that file later on if you already cloned or use git config

With those settings you can git pull at any time.

Why using the url git@github.com:rlpowell/config.git does not work is due to the following reason:

The entry git@github.com:rlpowell will force you to authenticate using SSH. Github requires you to use keypairs if you want SSH authentication.

If you want to have an automatic cronjob user and still use SSH, create as that user a keypair and upload the public one to gitlab.

But if you only want to clone and pull, HTTPS will be more than enough. By the way, authentation via HTTPS is also possible. Github asks for your username and password if you try to push changes. This of course is not recommended, if you are using cronjobs.

Answer 4

You cannot connect to an SSH server without authenticating.

Thus it's impossible to clone or pull over SSH without a registered SSH key.

You have two options:

• Run the cron job as a user who has an SSH key that is associated with a GitHub account (you can use a config file to point at a specific key file if you want).
• Use HTTPS.

Answer 5

For public repo's you don't need any password. You can directly clone using their https link :

eg git clone https://github.com/rlpowell/config.git

Answer 6

It is a public GitHub repo and you just want to pull from it, so you can use the HTTPS URL instead:

https://github.com/rlpowell/config.git

Answer 7

try run this command first :

ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no github.com

and then git pull again.

Answer 8

You have issue with your certificate. the easy solution is simply to create a new one and replace the old one.

The problem can be caused by several issues for example: wrong host file entry, invoked ssh certificate and more.

so the best thing is to create a new certificate and test it.

Simply follow those steps and you will set up your ssh key in no time:

• Generate a new ssh key (or skip this step if you already have a key)
  ssh-keygen -t rsa -C "your@email"

• Once you have your key set in home/.ssh directory (or Users/<your user>.ssh under windows), open it and copy the content

---

How to add sh key to github account?

• Login to github account
• Click on the rancher on the top right (Settings)
  
• Click on the SSH keys
  
• Click on the Add ssh key
  
• Paste your key and save

And you all set to go :-)

Answer 9

Problem seem to be with ssh keys, at least response saing it:

Enter passphrase for key '/home/rlpowell/.ssh/id_rsa':
Permission denied (publickey).

So you need to add your public key to github

Adding a new SSH key to your GitHub account

Also you can run :

ssh -T git@github.com

to check ssh connection to github