ssh-copy-id permission denied












3














I'm trying to set up a git repo for a project and therefore I want to make use of ssh keys in order to not re-enter my password every time.
I stumbled over the possibility to let ssh do the copying work with ssh-copy-id, however it does not seem to work out for me.



$ ssh-copy-id -i git@server

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: 

"/c/Users/Me/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to 

filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are 

prompted now it is to install the new keys

git@server's password:

sh: 1: cannot create .ssh/authorized_keys: Permission denied


Edit: I solved the problem the following way:
- logged in root via su
- changed ownership of the authorized_keys file via chown git /home/git/.ssh/authorized keysto git
- then logged git back in
- lastly changed the rw permission to 600 via chmod 600 ~/.ssh/authorized keysand successfully copied the key over






ssh







share|improve this question
























  • Can you check permission of .ssh directory using ls -ld .ssh in the git server? The user and group ownership should be git:git and permission should be 700
    – Sourav
    Jun 25 '17 at 8:13












  • Seems like it: drwx------ 2 git git 4096 Jun 25 02:49 /home/git/.ssh
    – Tom Connery
    Jun 25 '17 at 9:45










  • Are you able to touch .ssh/authorized_keys on the server?
    – l0b0
    Jun 25 '17 at 9:48










  • git@rs000018:~$ touch .ssh/authorized_keys touch: cannot touch ‘.ssh/authorized_keys’: Permission denied Seems like a clear no =/
    – Tom Connery
    Jun 25 '17 at 12:28








  • 1




    Answers should go in the Answer box, not as an addendum to the question.
    – Jeff Schaller
    Jul 1 '17 at 17:14
















3














I'm trying to set up a git repo for a project and therefore I want to make use of ssh keys in order to not re-enter my password every time.
I stumbled over the possibility to let ssh do the copying work with ssh-copy-id, however it does not seem to work out for me.



$ ssh-copy-id -i git@server

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: 

"/c/Users/Me/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to 

filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are 

prompted now it is to install the new keys

git@server's password:

sh: 1: cannot create .ssh/authorized_keys: Permission denied


Edit: I solved the problem the following way:
- logged in root via su
- changed ownership of the authorized_keys file via chown git /home/git/.ssh/authorized keysto git
- then logged git back in
- lastly changed the rw permission to 600 via chmod 600 ~/.ssh/authorized keysand successfully copied the key over






ssh







share|improve this question
























  • Can you check permission of .ssh directory using ls -ld .ssh in the git server? The user and group ownership should be git:git and permission should be 700
    – Sourav
    Jun 25 '17 at 8:13












  • Seems like it: drwx------ 2 git git 4096 Jun 25 02:49 /home/git/.ssh
    – Tom Connery
    Jun 25 '17 at 9:45










  • Are you able to touch .ssh/authorized_keys on the server?
    – l0b0
    Jun 25 '17 at 9:48










  • git@rs000018:~$ touch .ssh/authorized_keys touch: cannot touch ‘.ssh/authorized_keys’: Permission denied Seems like a clear no =/
    – Tom Connery
    Jun 25 '17 at 12:28








  • 1




    Answers should go in the Answer box, not as an addendum to the question.
    – Jeff Schaller
    Jul 1 '17 at 17:14














3












3








3







I'm trying to set up a git repo for a project and therefore I want to make use of ssh keys in order to not re-enter my password every time.
I stumbled over the possibility to let ssh do the copying work with ssh-copy-id, however it does not seem to work out for me.



$ ssh-copy-id -i git@server

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: 

"/c/Users/Me/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to 

filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are 

prompted now it is to install the new keys

git@server's password:

sh: 1: cannot create .ssh/authorized_keys: Permission denied


Edit: I solved the problem the following way:
- logged in root via su
- changed ownership of the authorized_keys file via chown git /home/git/.ssh/authorized keysto git
- then logged git back in
- lastly changed the rw permission to 600 via chmod 600 ~/.ssh/authorized keysand successfully copied the key over






ssh







share|improve this question















I'm trying to set up a git repo for a project and therefore I want to make use of ssh keys in order to not re-enter my password every time.
I stumbled over the possibility to let ssh do the copying work with ssh-copy-id, however it does not seem to work out for me.



$ ssh-copy-id -i git@server

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: 

"/c/Users/Me/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to 

filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are 

prompted now it is to install the new keys

git@server's password:

sh: 1: cannot create .ssh/authorized_keys: Permission denied


Edit: I solved the problem the following way:
- logged in root via su
- changed ownership of the authorized_keys file via chown git /home/git/.ssh/authorized keysto git
- then logged git back in
- lastly changed the rw permission to 600 via chmod 600 ~/.ssh/authorized keysand successfully copied the key over






ssh




ssh






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 3 hours ago









Rui F Ribeiro

39.2k1479130




39.2k1479130










asked Jun 25 '17 at 2:30









Tom Connery

1614




1614












  • Can you check permission of .ssh directory using ls -ld .ssh in the git server? The user and group ownership should be git:git and permission should be 700
    – Sourav
    Jun 25 '17 at 8:13












  • Seems like it: drwx------ 2 git git 4096 Jun 25 02:49 /home/git/.ssh
    – Tom Connery
    Jun 25 '17 at 9:45










  • Are you able to touch .ssh/authorized_keys on the server?
    – l0b0
    Jun 25 '17 at 9:48










  • git@rs000018:~$ touch .ssh/authorized_keys touch: cannot touch ‘.ssh/authorized_keys’: Permission denied Seems like a clear no =/
    – Tom Connery
    Jun 25 '17 at 12:28








  • 1




    Answers should go in the Answer box, not as an addendum to the question.
    – Jeff Schaller
    Jul 1 '17 at 17:14


















  • Can you check permission of .ssh directory using ls -ld .ssh in the git server? The user and group ownership should be git:git and permission should be 700
    – Sourav
    Jun 25 '17 at 8:13












  • Seems like it: drwx------ 2 git git 4096 Jun 25 02:49 /home/git/.ssh
    – Tom Connery
    Jun 25 '17 at 9:45










  • Are you able to touch .ssh/authorized_keys on the server?
    – l0b0
    Jun 25 '17 at 9:48










  • git@rs000018:~$ touch .ssh/authorized_keys touch: cannot touch ‘.ssh/authorized_keys’: Permission denied Seems like a clear no =/
    – Tom Connery
    Jun 25 '17 at 12:28








  • 1




    Answers should go in the Answer box, not as an addendum to the question.
    – Jeff Schaller
    Jul 1 '17 at 17:14
















Can you check permission of .ssh directory using ls -ld .ssh in the git server? The user and group ownership should be git:git and permission should be 700
– Sourav
Jun 25 '17 at 8:13






Can you check permission of .ssh directory using ls -ld .ssh in the git server? The user and group ownership should be git:git and permission should be 700
– Sourav
Jun 25 '17 at 8:13














Seems like it: drwx------ 2 git git 4096 Jun 25 02:49 /home/git/.ssh
– Tom Connery
Jun 25 '17 at 9:45




Seems like it: drwx------ 2 git git 4096 Jun 25 02:49 /home/git/.ssh
– Tom Connery
Jun 25 '17 at 9:45












Are you able to touch .ssh/authorized_keys on the server?
– l0b0
Jun 25 '17 at 9:48




Are you able to touch .ssh/authorized_keys on the server?
– l0b0
Jun 25 '17 at 9:48












git@rs000018:~$ touch .ssh/authorized_keys touch: cannot touch ‘.ssh/authorized_keys’: Permission denied Seems like a clear no =/
– Tom Connery
Jun 25 '17 at 12:28






git@rs000018:~$ touch .ssh/authorized_keys touch: cannot touch ‘.ssh/authorized_keys’: Permission denied Seems like a clear no =/
– Tom Connery
Jun 25 '17 at 12:28






1




1




Answers should go in the Answer box, not as an addendum to the question.
– Jeff Schaller
Jul 1 '17 at 17:14




Answers should go in the Answer box, not as an addendum to the question.
– Jeff Schaller
Jul 1 '17 at 17:14










2 Answers
2






active

oldest

votes


















2














If an account is dedicated to git usage, it makes sense for the administrator to make it a restricted account, only allowed to run git commands. In particular, git access should not be enough to change the credentials and restrictions on the account. This is done by having a ~/.ssh/authorized_keys that isn't writable by the user. There is usually an out-of-band mechanism to set up credentials, for example a web interface.



If you're the administrator, you need to dig in to find out how the git accounts are set up. Check the SSH server configuration (/etc/sshd_config or /etc/ssh/sshd_config to see where the authorized_keys files are located (AuthorizedKeysFile setting). Once you've found the file, add the public key to it: an authorized_keys files is just a list of line, each normally containing a public key copied straight from a .pub file. Check the configuration to see whether restrictions on the use of the key should be added at the end of the file (e.g. command="git-shell" nopty no-agent-forwarding no-port-forwarding no-X11-forwarding).






share|improve this answer





























    0














    Let us consider we have 2 machines, 'A' and 'B'
    Now you want to connect from A to 'B'



    So in B machine do the following



    vi /etc/ssh_sshd_config



    Now search for this two line and change to the following as shown below.



    PasswordAuthentication yes



    PermitRootLogin yes



    Now Restart the sshd service in 'B' machine



    service sshd restart



    Now copy the key from 'A' machine to 'B' machine and I hope it will Work fine



    ssh-copy-id root@154.34.22.109






    share|improve this answer





















      Your Answer








      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "106"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: false,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: null,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });














      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f373210%2fssh-copy-id-permission-denied%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      2














      If an account is dedicated to git usage, it makes sense for the administrator to make it a restricted account, only allowed to run git commands. In particular, git access should not be enough to change the credentials and restrictions on the account. This is done by having a ~/.ssh/authorized_keys that isn't writable by the user. There is usually an out-of-band mechanism to set up credentials, for example a web interface.



      If you're the administrator, you need to dig in to find out how the git accounts are set up. Check the SSH server configuration (/etc/sshd_config or /etc/ssh/sshd_config to see where the authorized_keys files are located (AuthorizedKeysFile setting). Once you've found the file, add the public key to it: an authorized_keys files is just a list of line, each normally containing a public key copied straight from a .pub file. Check the configuration to see whether restrictions on the use of the key should be added at the end of the file (e.g. command="git-shell" nopty no-agent-forwarding no-port-forwarding no-X11-forwarding).






      share|improve this answer


























        2














        If an account is dedicated to git usage, it makes sense for the administrator to make it a restricted account, only allowed to run git commands. In particular, git access should not be enough to change the credentials and restrictions on the account. This is done by having a ~/.ssh/authorized_keys that isn't writable by the user. There is usually an out-of-band mechanism to set up credentials, for example a web interface.



        If you're the administrator, you need to dig in to find out how the git accounts are set up. Check the SSH server configuration (/etc/sshd_config or /etc/ssh/sshd_config to see where the authorized_keys files are located (AuthorizedKeysFile setting). Once you've found the file, add the public key to it: an authorized_keys files is just a list of line, each normally containing a public key copied straight from a .pub file. Check the configuration to see whether restrictions on the use of the key should be added at the end of the file (e.g. command="git-shell" nopty no-agent-forwarding no-port-forwarding no-X11-forwarding).






        share|improve this answer
























          2












          2








          2






          If an account is dedicated to git usage, it makes sense for the administrator to make it a restricted account, only allowed to run git commands. In particular, git access should not be enough to change the credentials and restrictions on the account. This is done by having a ~/.ssh/authorized_keys that isn't writable by the user. There is usually an out-of-band mechanism to set up credentials, for example a web interface.



          If you're the administrator, you need to dig in to find out how the git accounts are set up. Check the SSH server configuration (/etc/sshd_config or /etc/ssh/sshd_config to see where the authorized_keys files are located (AuthorizedKeysFile setting). Once you've found the file, add the public key to it: an authorized_keys files is just a list of line, each normally containing a public key copied straight from a .pub file. Check the configuration to see whether restrictions on the use of the key should be added at the end of the file (e.g. command="git-shell" nopty no-agent-forwarding no-port-forwarding no-X11-forwarding).






          share|improve this answer












          If an account is dedicated to git usage, it makes sense for the administrator to make it a restricted account, only allowed to run git commands. In particular, git access should not be enough to change the credentials and restrictions on the account. This is done by having a ~/.ssh/authorized_keys that isn't writable by the user. There is usually an out-of-band mechanism to set up credentials, for example a web interface.



          If you're the administrator, you need to dig in to find out how the git accounts are set up. Check the SSH server configuration (/etc/sshd_config or /etc/ssh/sshd_config to see where the authorized_keys files are located (AuthorizedKeysFile setting). Once you've found the file, add the public key to it: an authorized_keys files is just a list of line, each normally containing a public key copied straight from a .pub file. Check the configuration to see whether restrictions on the use of the key should be added at the end of the file (e.g. command="git-shell" nopty no-agent-forwarding no-port-forwarding no-X11-forwarding).







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Jun 25 '17 at 23:02









          Gilles

          529k12810611587




          529k12810611587

























              0














              Let us consider we have 2 machines, 'A' and 'B'
              Now you want to connect from A to 'B'



              So in B machine do the following



              vi /etc/ssh_sshd_config



              Now search for this two line and change to the following as shown below.



              PasswordAuthentication yes



              PermitRootLogin yes



              Now Restart the sshd service in 'B' machine



              service sshd restart



              Now copy the key from 'A' machine to 'B' machine and I hope it will Work fine



              ssh-copy-id root@154.34.22.109






              share|improve this answer


























                0














                Let us consider we have 2 machines, 'A' and 'B'
                Now you want to connect from A to 'B'



                So in B machine do the following



                vi /etc/ssh_sshd_config



                Now search for this two line and change to the following as shown below.



                PasswordAuthentication yes



                PermitRootLogin yes



                Now Restart the sshd service in 'B' machine



                service sshd restart



                Now copy the key from 'A' machine to 'B' machine and I hope it will Work fine



                ssh-copy-id root@154.34.22.109






                share|improve this answer
























                  0












                  0








                  0






                  Let us consider we have 2 machines, 'A' and 'B'
                  Now you want to connect from A to 'B'



                  So in B machine do the following



                  vi /etc/ssh_sshd_config



                  Now search for this two line and change to the following as shown below.



                  PasswordAuthentication yes



                  PermitRootLogin yes



                  Now Restart the sshd service in 'B' machine



                  service sshd restart



                  Now copy the key from 'A' machine to 'B' machine and I hope it will Work fine



                  ssh-copy-id root@154.34.22.109






                  share|improve this answer












                  Let us consider we have 2 machines, 'A' and 'B'
                  Now you want to connect from A to 'B'



                  So in B machine do the following



                  vi /etc/ssh_sshd_config



                  Now search for this two line and change to the following as shown below.



                  PasswordAuthentication yes



                  PermitRootLogin yes



                  Now Restart the sshd service in 'B' machine



                  service sshd restart



                  Now copy the key from 'A' machine to 'B' machine and I hope it will Work fine



                  ssh-copy-id root@154.34.22.109







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Nov 16 '18 at 14:07









                  imran

                  1




                  1






























                      draft saved

                      draft discarded




















































                      Thanks for contributing an answer to Unix & Linux Stack Exchange!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.





                      Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                      Please pay close attention to the following guidance:


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f373210%2fssh-copy-id-permission-denied%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      -

                      Popular posts from this blog

                      Entries order in /etc/network/interfaces

                      Image
                      4 I have a device with two interfaces, eth0 and eth1. One should get its IP from a DHCP server and the other should get its IP statically. If my /etc/network/interfaces file is configured as follows: auto lo iface lo inet loopback auto eth1 iface eth1 inet dhcp iface eth1 inet6 auto auto eth0 iface eth0 inet static address 10.10.10.10 netmask 255.255.255.0 Everything works great, eth1 gets its IP from the DHCP server, eth0 sets its IP statically from the information given, but if I try to change the order in the file, such as auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 10.10.10.10 netmask 255.255.255.0 auto eth1 iface eth1 inet dhcp iface eth1 inet6 auto In this case, eth1 fails to get an IP. Does the /etc/network/interface care about th...
                      Read more

                      新発田市

                      Image
                      しばたし 新発田市 市のシンボル・新発田城(二の丸隅櫓) 新発田市旗 1934年7月9日制定 新発田市章 1934年7月9日制定 国 日本 地方 中部地方、北陸地方 甲信越地方、信越地方 都道府県 新潟県 団体コード 15206-4 法人番号 5000020152064 面積 533.10 km 2 総人口 96,267 人 [編集] (推計人口、2018年10月1日) 人口密度 181 人/km 2 隣接自治体 新潟市、阿賀野市、胎内市、北蒲原郡聖籠町、東蒲原郡阿賀町 福島県喜多方市 山形県西置賜郡小国町 市の木 サクラ 市の花 アヤメ 市のシンボル 新発田城 新発田市役所 市長 [編集] 二階堂馨 所在地 〒 957-8686 新潟県新発田市中央町3丁目3番3号 北緯37度56分52.5秒東経139度19分38.2秒 外部リンク 公式ウェブサイト ■ ― 政令指定都市 / ■ ― 市 / ■ ― 町 / ■ ― 村 地理院地図 Google Bing GeoHack MapFan Mapion Yahoo! NAVITIME ゼンリン   表示   ウィキプロジェクト 新発田市中心部周辺の空中写真。 1975年撮影の8枚を合成作成。国土交通省 国土画像情報(カラー空中写真)を基に作成。 新発田市 (しばたし)は、新潟県下越地方にある市である。新潟市への通勤率は16.6%(平成22年国勢調査)。 目次 1 概要 2 地理 2.1 隣接している自治体・行政区 3 地域・市街地構成 4 歴史 4.1 市名の由来 4.2 沿革 5 人口 6 行政 6.1 市長 7 経済 7.1 産業 7.1.1 市内の主な企業 7.1.2 漁業 8 姉妹都市・提携都市 8.1 国内 8.2 海外 9 施設・...
                      Read more

                      Grub takes very long (several minutes) to open Menu (in Multi-Boot-System)

                      Image
                      0 I have a Multi-Boot-System with 4 different installations of Linux. (1 Manjaro, 3 Mint) spread over 2 hard drives (2 on each). After doing grub-install /dev/sdX and update-grub several times within each installation ... the Grub-menu needs more and more time to open. It started with a few more seconds, now it takes several minutes. I tried to purge and reinstall Grub but this made the problem even worse: apt-get purge grub grub-pc grub-common apt-get install grub-common grub-pc os-prober update-grub What could be causing this problem? linux grub2 multiboot share | improve this question edited 4 mins ago ...
                      Read more