I'm attempting to get my Fedora account setup properly so I can use Fedora's dist-git instance. Unfortunately, there's an issue with the authentication process in pkgs.fedoraproject.org, which is preventing me from authenticating with git via SSH.
pkgs.fedoraproject.org
The server seems to accept my public key according to SSH logs, however, it closes the connection immediately after. Attempting to log in as another user (obviously) results in an authentication error, as well as providing no public key at all. This issue forces me to clone packages with fedpkg anonymously and ultimately prevents me from sending any changes to remotes.
fedpkg
debug1: Host 'pkgs.fedoraproject.org' is known and matches the RSA-CERT host certificate. debug1: Found CA key in /home/jrelvas/.ssh/known_hosts:1 debug1: rekey out after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 4294967296 blocks debug1: get_agent_identities: bound agent to hostkey debug1: get_agent_identities: agent returned 2 keys debug1: Will attempt key: /home/jrelvas/.ssh/id_rsa_fedora RSA SHA256:prbrusn127RQLtqPsfp8k+SmPh2mlJUGHZFvgeucrMc explicit agent debug1: Will attempt key: jrelvas@aquecedor-3-0 RSA SHA256:NnXyitQ3RuA13NoZVNhTXNqD5N7Job6ZQQyzWZRqvrE agent debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering public key: /home/jrelvas/.ssh/id_rsa_fedora RSA SHA256:prbrusn127RQLtqPsfp8k+SmPh2mlJUGHZFvgeucrMc explicit agent debug1: Server accepts key: /home/jrelvas/.ssh/id_rsa_fedora RSA SHA256:prbrusn127RQLtqPsfp8k+SmPh2mlJUGHZFvgeucrMc explicit agent Connection closed by 38.145.60.17 port 22
jrelvas@aquecedor-3-0:~$ fedpkg -v clone mutter Cloning ssh://jrelvas@pkgs.fedoraproject.org/rpms/mutter Running: git clone ssh://jrelvas@pkgs.fedoraproject.org/rpms/mutter --origin origin Clonando para 'mutter'... Connection closed by 38.145.60.17 port 22 fatal: Incapaz de ler o repositório remoto. Certifica-te que tem as permissões de acesso corretas e que o repositório existe. Could not execute clone: Failed to execute command. Traceback (most recent call last): File "/usr/bin/fedpkg", line 33, in <module> sys.exit(load_entry_point('fedpkg==1.44', 'console_scripts', 'fedpkg')()) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.12/site-packages/fedpkg/__main__.py", line 89, in main sys.exit(client.args.command()) ^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.12/site-packages/pyrpkg/cli.py", line 2198, in clone self.cmd.clone(self.args.repo[0], File "/usr/lib/python3.12/site-packages/pyrpkg/__init__.py", line 1633, in clone self._run_command(cmd, cwd=path) File "/usr/lib/python3.12/site-packages/pyrpkg/__init__.py", line 1317, in _run_command raise rpkgError('Failed to execute command.') pyrpkg.errors.rpkgError: Failed to execute command.
This is due to only people in the 'packagers' group having ability to use ssh there.
You need to use https if you are not in the packager group.
See https://fedoraproject.org/wiki/Infrastructure/HTTPS-commits
Basically. 'fedpkg clone -a ...'
If you are then pushing to a fork, it should use https to push (if you used fedpkg clone -a to set up your fork repo locally).
Sorry its so confusing. I'd like to fix this in the coming year...
Metadata Update from @kevin: - Issue close_status updated to: Invalid - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.