10

Hi, I have my ssh config file set up to auto-add ssh keys to the ssh agent. However, it is currently not working. It was working previously. I updated the ssh key for Bitbucket and it no longer works. When I reboot, I have to add the ssh key manually using the `ssh-add -K` option.

Can someone help me figure out why the ssh config isn't working? The `AddKeysToAgent yes` option is supposed to enable the auto-adding of ssh keys.

I am running macOS Sierra 10.12.4

Here is my config (I changed server names for sensitivity purposes):

```
GSSAPIAuthentication no

# --- SourceTree Generated ---
Host cik-bitbucket__com
    HostName bitbucket.com
    User cik
    PreferredAuthentications publickey
    IdentityFile /Users/cik/.ssh/cik-bitbucket__com
    UseKeychain yes
    AddKeysToAgent yes
# ----------------------------

Host *
    UseKeychain yes
    AddKeysToAgent yes
    ServerAliveInterval 15
    IdentityFile /Users/cik/.ssh/id_rsa

Host jenkins
    HostName pasjenkins1.mycompany.com
    UseKeychain yes
    AddKeysToAgent yes

Host jenkinsqa
    HostName pasjenkinsqa.mycompany.com
    UseKeychain yes
    AddKeysToAgent yes

Host artifactory
    HostName prp01
    UseKeychain yes
    AddKeysToAgent yes

Host bitbucket
    HostName bitbucket
    UseKeychain yes
    AddKeysToAgent yes

Host confluence
    HostName confluence01
    UseKeychain yes
    AddKeysToAgent yes

Host jira
    HostName jira01
    UseKeychain yes
    AddKeysToAgent yes

Host vagrant
    HostName 127.0.0.1
    Port 2222
    User vagrant
    IdentityFile /Users/cik/.vagrant.d/insecure_private_key

Host localhost
    HostName 127.0.0.1
    Port 2222
    User vagrant
    IdentityFile /Users/cik/.vagrant.d/insecure_private_key
```

Update:

Order matters.

This works:

```
ssh-add -D
ssh-add -K /Users/cik/.ssh/cik-bitbucket__com
ssh-add
git push (Works)
```

Does not work:

```
ssh-add -D
ssh-add
ssh-add -K /Users/cik/.ssh/cik-bitbucket__com
git push (Works)
```
CodyK
  • What does it mean *it no longer works*? What does it do? How does the debug log look like? – Jakuje Apr 13 '17 at 07:16
  • My key for BitBucket isn't automatically being added to the ssh agent. Setting that parameter in the ssh key is supposed to add it on boot, which it is not doing. I have to manually add the identity. – CodyK Apr 13 '17 at 12:50
  • No, it is not supposed to add it at boot, but at first use. – Jakuje Apr 13 '17 at 12:51
  • Which it doesn't when I do a git push. Bitbucket throws authentication errors. – CodyK Apr 13 '17 at 12:55
  • *"How does the debug log look like?"* – Jakuje Apr 13 '17 at 12:56
  • Where would the log file be located? – CodyK Apr 13 '17 at 13:02
  • `ssh -vvv git@bitbucket.com` or whatever host you are using in your config. – Jakuje Apr 13 '17 at 13:03
  • It ends up rejecting since the bitbucket key is for git only. I can't ssh to that server with the key but the logs look normal. – CodyK Apr 13 '17 at 13:07
  • I just posted an update. I found order matters. If I add my id_rsa first and do a git push, it gives me permission errors, but if I add my git key first and then id_rsa, it works. – CodyK Apr 13 '17 at 13:14

1 Answer

14

You have too many keys in your agent, and only a limited number can be tried before the server rejects the connection. Fortunately, you have quite a nice configuration distinguishing the keys per host, so you should be able to fix that by setting the

IdentitiesOnly yes

configuration option in your ssh_config.

Jakuje
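A small audit for the condition the answer describes, as an added example that is not part of the original answer: it resolves each host alias the way ssh_config does (first value obtained wins, `IdentityFile` accumulates) and lists the aliases that pin an `IdentityFile` but leave `IdentitiesOnly` off, so ssh may still offer every agent key first. The sample config is constructed from the question's; the function names are illustrative, and `Match`, `Include` and `key=value` syntax are assumed absent.

```python
import fnmatch

# Constructed sample modelled on the question's config (paths taken from it).
SAMPLE = """\
Host cik-bitbucket__com
    IdentityFile /Users/cik/.ssh/cik-bitbucket__com
Host hardened
    IdentityFile /Users/cik/.ssh/hardened_key
    IdentitiesOnly yes
Host *
    AddKeysToAgent yes
    IdentityFile /Users/cik/.ssh/id_rsa
"""

def parse(text):
    """Return [(host_patterns, [(keyword, value), ...])] in file order."""
    blocks = [(["*"], [])]  # options before the first Host line apply to all
    for raw in text.splitlines():
        parts = raw.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "host":
            blocks.append((value.split(), []))
        else:
            blocks[-1][1].append((key, value))
    return blocks

def effective(blocks, host):
    """First value obtained wins; IdentityFile entries accumulate."""
    opts, identities = {}, []
    for patterns, settings in blocks:
        hit = [p for p in patterns if fnmatch.fnmatchcase(host, p.lstrip("!"))]
        if not hit or any(p.startswith("!") for p in hit):
            continue  # no pattern matched, or a negated pattern excluded it
        for key, value in settings:
            if key == "identityfile":
                identities.append(value)
            else:
                opts.setdefault(key, value)
    return opts, identities

def audit(text):
    """Aliases with a pinned key where agent keys are still offered."""
    blocks = parse(text)
    aliases = [p for pats, _ in blocks for p in pats if not set(p) & set("*?!")]
    findings = []
    for alias in aliases:
        opts, identities = effective(blocks, alias)
        if identities and opts.get("identitiesonly", "no").lower() != "yes":
            findings.append(alias)
    return findings
```
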