Issue
I am trying to setup ssh for my bitbucket following this official tutorial, however at the last step of troubleshooting the connection I get following
[email protected]: Permission denied (publickey).
here is the output of ssh -Tv [email protected]
OpenSSH_8.4p1, OpenSSL 1.1.1i FIPS 8 Dec 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: configuration requests final Match pass
debug1: re-parsing configuration
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: Connecting to bitbucket.org [2406:da00:ff00::22c5:2ef4] port 22.
debug1: Connection established.
debug1: identity file /home/myuser/.ssh/id_rsa type 0
debug1: identity file /home/myuser/.ssh/id_rsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_dsa type -1
debug1: identity file /home/myuser/.ssh/id_dsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/myuser/.ssh/id_ed25519 type -1
debug1: identity file /home/myuser/.ssh/id_ed25519-cert type -1
debug1: identity file /home/myuser/.ssh/id_ed25519_sk type -1
debug1: identity file /home/myuser/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/myuser/.ssh/id_xmss type -1
debug1: identity file /home/myuser/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.4
debug1: Remote protocol version 2.0, remote software version conker_c123b90d72-dirty conker-3003
debug1: no match: conker_c123b90d72-dirty conker-3003
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: [email protected] need=64 dh_need=64
debug1: kex: [email protected] need=64 dh_need=64
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:<random symbols>
The authenticity of host 'bitbucket.org (2406:da00:ff00::22c5:2ef4)' can't be established.
RSA key fingerprint is SHA256:<random symbols>.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'bitbucket.org,2406:da00:ff00::22c5:2ef4' (RSA) to the list of known hosts.
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/jiraichi/.ssh/id_rsa RSA SHA256:<random symbols> agent
debug1: Will attempt key: /home/myuser/.ssh/id_dsa
debug1: Will attempt key: /home/myuser/.ssh/id_ecdsa
debug1: Will attempt key: /home/myuser/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/myuser/.ssh/id_ed25519
debug1: Will attempt key: /home/myuser/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/myuser/.ssh/id_xmss
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/jiraichi/.ssh/id_rsa RSA SHA256:<random symbols> agent
debug1: send_pubkey_test: no mutual signature algorithm
debug1: Trying private key: /home/myuser/.ssh/id_dsa
debug1: Trying private key: /home/myuser/.ssh/id_ecdsa
debug1: Trying private key: /home/myuser/.ssh/id_ecdsa_sk
debug1: Trying private key: /home/myuser/.ssh/id_ed25519
debug1: Trying private key: /home/myuser/.ssh/id_ed25519_sk
debug1: Trying private key: /home/myuser/.ssh/id_xmss
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey).
really stuck here, any help appreciated
Solution
Apparently inserting this line PubkeyAcceptedKeyTypes +ssh-rsa into my /etc/ssh/ssh_config solved the problem, I am running Fedora 33
however I am still not sure whether this solution introduces any security risks.
edit: found a better (more clean I would say) solution here, apparently it is a known bug of Fedora 33 and currently workaround should be used.
update: as pointed in the comments correct solution is using ssh-keygen -t ed25519 and copy that public key into your bitbucket account.
Answered By - jiraichi Answer Checked By - Mary Flores (WPSolving Volunteer)
