SSH-RSA Key; connection close

What happens if you try bzr lp-login <login-name>?

Once you've done this (if you don't get any errors), you should be able to do bzr push bzr+ssh://bazaar.launchpad.net/~<login-name>/ffeng/first_upload

lp-login went off without a hitch, but now the push is giving me 'Permission denied (publickey).' Did my key somehow expire?

Closer, but still no cigar. Thank you, though!

Hmmm. If you do an ssh -v bazaar.launchpad.net it will give you more information on what's happening -- maybe ssh is not sending your private key in the session setup.

Hmm. That gave me a lot of stuff.

'debug1' says 'Miscellaneous failure: No credentials cache found.' Then it skips a line or two, some more stuff... It tries private keys in /.ssh/identity, /id_rsa, and /id_dsa. Then 'no more authentication methods to try'.

Checking my .ssh directory, there's only another item, 'known_hosts'.

If the only thing in your .ssh directory is "known_hosts" then that means there's no ssh key. You'll want to create a new one as follows:

ssh-keygen

Just accept the defaults for the location, and it's up to you whether to password protect it or not (recommended). Then add the output of ~/.ssh/id_rsa.pub as a new ssh key on Launchpad, and give it a little while to propogate. Then you should be good to go.

Thanks, Tom

I faced the same problem few days ago.

I went to my home folder, deleted ".ssh" folder ,because it might have errornous files.and followed the procedure for ssh-rsa key.

and it works fine.

Hope this helps you.

Same problem here. I created three new keys (with and without passphrase) but it still doesn't work.

[...]
debug1: Offering public key: /home/dominik/.ssh/id_rsa
Launchpad user 'dominik' doesn't have a registered SSH key
debug1: Authentications that can continue: publickey
[...]

Why does it think my launchpad name is dominik?

Committing just worked, ssh -v bazaar.launchpad.net still doesn't.

Dominik,

Which command were you using? And, have you done a `bzr lp-login`?

I used

bzr commit -m "Release 0.3"

to commit which now worked and did the 'bzr lp-login'. ssh -v
bazaar.launchpad.net still says "Permission denied (publickey)."

Domonik, what URL are you pushing to? When you do "bzr lp-login", if your local username differs from your launchpad user, you need to include the lp username at the end of the command, so

  bzr lp-login dominik-mayer

Ah sorry, I thought you meant the other command. Yes, I did use "bzr
lp-login dominik-mayer". The strange thing is that committing finally
worked but the ssh one still doesn't.

You probably didn't put ssh -v <email address hidden>, so you were trying to login as the user dominik which of course fails.

I have the same problem. With bzr lp-login I have:

bzr: ERROR: Connection error: curl connection error (SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed)
on https://launchpad.net/%7xxxxxx/%2Bsshkeys

With ssh -v <email address hidden> I have:

agl00014@linux-pkq1:~/.ssh> ssh -v <email address hidden>
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to bazaar.launchpad.net [91.189.90.11] port 22.
debug1: Connection established.
debug1: identity file /home/xxxx/.ssh/id_rsa type 1
debug1: identity file /home/xxxx/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version Twisted
debug1: no match: Twisted
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host 'bazaar.launchpad.net' is known and matches the RSA host key.
debug1: Found key in /home/xxxx/.ssh/known_hosts:25
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/xxxxx/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/xxxx/.ssh/id_rsa':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = es_ES.UTF-8
No shells on this server.
debug1: channel 0: free: client-session, nchannels 1
Connection to bazaar.launchpad.net closed.
debug1: Transferred: stdin 0, stdout 0, stderr 44 bytes in 0.2 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 187.9
debug1: Exit status -1

something to solve?

Alberto Garcia,

That's not the same problem. :-P

Your curl install can't find your CA certificates, so it can't verify
the SSL connection. SSH is not involved.

Perhaps running "sudo apt-get install ca-certificates" would help.

I work with Opensuse so I can resolve this situation. Any idea about this?

> No shells on this server.

Nothing to solve here.

I had this problem, and I changed the permissions of my .ssh folder (recursively) to only allow my user (rw), and no access for anyone else. This fixed the error when trying to push to Launchpad.

In My case the log is:
qualiserve@OpenErp:~$ ssh -v bazaar.launchpad.net
OpenSSH_5.5p1 Debian-6+squeeze3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to bazaar.launchpad.net [91.189.95.84] port 22.
debug1: Connection established.
debug1: identity file /home/qualiserve/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/qualiserve/.ssh/id_rsa-cert type -1
debug1: identity file /home/qualiserve/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/qualiserve/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version Twisted
debug1: no match: Twisted
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host 'bazaar.launchpad.net' is known and matches the RSA host key.
debug1: Found key in /home/qualiserve/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/qualiserve/.ssh/id_dsa
No such Launchpad account: qualiserve
debug1: Authentications that can continue: publickey
debug1: Offering public key: /home/qualiserve/.ssh/id_rsa
No such Launchpad account: qualiserve
debug1: Authentications that can continue: publickey
debug1: Offering public key: /home/qualiserve/.ssh/id_rsa
No such Launchpad account: qualiserve
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

Anybody help me?

@Cruz please open a new question not comment on a resolved one.