- Cannot push to git repository — permission denied
- Error: Permission denied (publickey)
- Should the sudo command or elevated privileges be used with Git?
- Check that you are connecting to the correct server
- Always use the «git» user
- Make sure you have a key that is being used
- Getting more details
- Verify the public key is attached to your account
- Help and support
- Help us make these docs great!
Cannot push to git repository — permission denied
I had the similar problem and my problem was solved by running the following command to add my key to the list of known keys:
This has helped me so many times. Is there a way to just permanently add this so i don’t always have to go through the motions.
You need to do in your console (if you use an a putty ssh client):
- Generate the keys, if keys not exist:
cd ~/.ssh && ssh-keygen -lf ~/.ssh/id_rsa.pub
Don’t forget password, entered at this step!
- Output your public key to screen:
If you haven’t already read it, you should look through the GitHub help page for this error:
Every time that I’ve had this problem, it was due to the last issue listed on that page: I didn’t have the public key from my current workstation attached to my GitHub account. Of course, GitHub also provides instructions on how to attach your public key to your account.
Make sure your current public key is attached to your GitHub account.
Dang. If the public key for the current user on your current machine matches the one registered in github then I’m not going to be of any help—that’s been my problem every time I’ve run into this error.
I don’t think this will solve your problem since you tested ssh -vT git@github.com directly and it worked, but you are using the ssh-agent improperly. You need to run
$ eval `ssh-agent -s` Agent pid 767 $ ssh-add -l The agent has no identities.
This will evaluate the environment export commands and allow your ssh-add and ssh commands to communicate with the agent. Alternatively, you can ask the agent to start a shell, terminal, etc. and it will set up the proper environment:
$ ssh-agent bash $ ssh-add -l The agent has no identities.
In this case, the shell is running as a child of the ssh-agent and the agent will shut down when the shell quits.
Error: Permission denied (publickey)
A «Permission denied» error means that the server rejected your connection. There could be several reasons why, and the most common examples are explained below.
Should the sudo command or elevated privileges be used with Git?
You should not be using the sudo command or elevated privileges, such as administrator permissions, with Git. If you have a very good reason you must use sudo , then ensure you are using it with every command (it’s probably just better to use su to get a shell as root at that point). If you generate SSH keys without sudo and then try to use a command like sudo git push , you won’t be using the same keys that you generated.
Check that you are connecting to the correct server
Typing is hard, we all know it. Pay attention to what you type; you won’t be able to connect to «githib.com» or «guthub.com». In some cases, a corporate network may cause issues resolving the DNS record as well.
To make sure you are connecting to the right domain, you can enter the following command:
$ ssh -vT git@HOSTNAME > OpenSSH_8.1p1, LibreSSL 2.7.3 > debug1: Reading configuration data /Users/YOU/.ssh/config > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 47: Applying options for * > debug1: Connecting to HOSTNAME port 22.
The connection should be made on port 22.
Always use the «git» user
All connections, including those for remote URLs, must be made as the «git» user. If you try to connect with your GitHub AE username, it will fail:
$ ssh -T GITHUB-USERNAME@HOSTNAME > Permission denied (publickey).
If your connection failed and you’re using a remote URL with your GitHub AE username, you can change the remote URL to use the «git» user.
You should verify your connection by typing:
$ ssh -T git@HOSTNAME > Hi USERNAME! You've successfully authenticated.
Make sure you have a key that is being used
- Open Terminal Terminal Git Bash .
- Verify that you have a private key generated and loaded into SSH.
# start the ssh-agent in the background $ eval "$(ssh-agent -s)" > Agent pid 59566 $ ssh-add -l -E sha256 > 2048 SHA256:274ffWxgaxq/tSINAykStUL7XWyRNcRTlcST1Ei7gBQ /Users/USERNAME/.ssh/id_rsa (RSA)
If you have GitHub Desktop installed, you can use it to clone repositories and not deal with SSH keys.
# start the ssh-agent in the background $ eval "$(ssh-agent -s)" > Agent pid 59566
If you are using another terminal prompt, such as Git for Windows, turn on ssh-agent:
# start the ssh-agent in the background $ eval $(ssh-agent -s) > Agent pid 59566
$ ssh-add -l -E sha256 > 2048 SHA256:274ffWxgaxq/tSINAykStUL7XWyRNcRTlcST1Ei7gBQ /Users/USERNAME/.ssh/id_rsa (RSA)
- Open Terminal Terminal Git Bash .
- Verify that you have a private key generated and loaded into SSH.
$ ssh-add -l -E sha256 > 2048 SHA256:274ffWxgaxq/tSINAykStUL7XWyRNcRTlcST1Ei7gBQ /Users/USERNAME/.ssh/id_rsa (RSA)
The ssh-add command should print out a long string of numbers and letters. If it does not print anything, you will need to generate a new SSH key and associate it with GitHub AE.
Tip: On most systems the default private keys ( ~/.ssh/id_rsa and ~/.ssh/identity ) are automatically added to the SSH authentication agent. You shouldn’t need to run ssh-add path/to/key unless you override the file name when you generate a key.
Getting more details
You can also check that the key is being used by trying to connect to git@[hostname] :
$ ssh -vT git@HOSTNAME > . > debug1: identity file /Users/YOU/.ssh/id_rsa type -1 > debug1: identity file /Users/YOU/.ssh/id_rsa-cert type -1 > debug1: identity file /Users/YOU/.ssh/id_dsa type -1 > debug1: identity file /Users/YOU/.ssh/id_dsa-cert type -1 > . > debug1: Authentications that can continue: publickey > debug1: Next authentication method: publickey > debug1: Trying private key: /Users/YOU/.ssh/id_rsa > debug1: Trying private key: /Users/YOU/.ssh/id_dsa > debug1: No more authentication methods to try. > Permission denied (publickey).
In that example, we did not have any keys for SSH to use. The «-1» at the end of the «identity file» lines means SSH couldn’t find a file to use. Later on, the «Trying private key» lines also indicate that no file was found. If a file existed, those lines would be «1» and «Offering public key», respectively:
$ ssh -vT git@HOSTNAME > . > debug1: identity file /Users/YOU/.ssh/id_rsa type 1 > . > debug1: Authentications that can continue: publickey > debug1: Next authentication method: publickey > debug1: Offering RSA public key: /Users/YOU/.ssh/id_rsa
Verify the public key is attached to your account
You must provide your public key to GitHub AE to establish a secure connection.
$ eval "$(ssh-agent -s)" > Agent pid 59566
$ ssh-add -l -E sha256 > 2048 SHA256:274ffWxgaxq/tSINAykStUL7XWyRNcRTlcST1Ei7gBQ /Users/USERNAME/.ssh/id_rsa (RSA)
In the upper-right corner of any page, click your profile photo, then click Settings.
$ ssh-agent -s > Agent pid 59566
$ ssh-add -l -E sha256 > 2048 SHA256:274ffWxgaxq/tSINAykStUL7XWyRNcRTlcST1Ei7gBQ /Users/USERNAME/.ssh/id_rsa (RSA)
In the upper-right corner of any page, click your profile photo, then click Settings.
$ eval "$(ssh-agent -s)" > Agent pid 59566
$ ssh-add -l > 2048 a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d /Users/USERNAME/.ssh/id_rsa (RSA)
$ ssh-add -l -E md5 > 2048 MD5:a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d /Users/USERNAME/.ssh/id_rsa (RSA)
In the upper-right corner of any page, click your profile photo, then click Settings.
If you don’t see your public key in GitHub AE, you’ll need to add your SSH key to GitHub AE to associate it with your computer.
Warning: If you see an SSH key you’re not familiar with on GitHub AE, delete it immediately and contact your enterprise owner, for further help. An unidentified public key may indicate a possible security concern. For more information, see «Reviewing your SSH keys.»
Help and support
Help us make these docs great!
All GitHub docs are open source. See something that’s wrong or unclear? Submit a pull request.