SSH git clone on Windows 10 does not work at all. For three days, I’ve been at this. No answer yet. Please someone tell me what I’m doing wrong here. I need a step-by-step answer.
Windows 10
Gitea 1.50
OpenSSH and Gitea Built-in SSH servers
I’m attempting to ssh clone from Windows 10 Gitea host server to a Windows 11 client.
ssh user@host - works without using a password
ssh user@host -p 22 - works without using a password
So I deleted everything to start from scratch. All repos, all .ssh key folders, all everything related to GITEA, even the GITEA entries in the Windows Credential Manager.
I start by downloading GITEA 1.22.1 for Windows
I run the server binary in c:\gitea
I accept the default and only change the localhost to use the PC IP address
I create an admin account to be the local Windows admin account (without creating a git user)
GITEA server starts, OpenSSH is also started
I register two gitea accounts: myname and tester
I create new SSH keys for both accounts
I attempt to clone using SSH as myname user but it fails
$ git clone servicename@host-ip:username/codebase.git
Cloning into ‘codebase’…
The authenticity of host ‘host-ip (host-ip)’ can’t be established.
ED25519 key fingerprint is
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added ‘host-ip’ (ED25519) to the list of known hosts.
servicename@host-ip: Permission denied (publickey,keyboard-interactive).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Something came to my mind to see what would happen if I added the new SSH key into the %programdata\ssh\sshd_config\administrators_authorized_keys file from the
~username/.ssh/id_rsa.pub (the public key)
I then ran this test by attempting to ssh username@host-ip
I received this output to the screen
$ ssh username@host-ip
PTY allocation request failed on channel 0
Hi there, username! You’ve successfully authenticated with the key named username@host-ip, but Gitea does not provide shell access.
If this is unexpected, please log in with password and setup Gitea under another user.
Connection to laptop1 closed.
Now I retry the git clone using the SSH address displayed in GITEA
git clone servicename@host-ip:username/codebase.git
Use the %programsdata%\ssh\sshd_config to store the key
make sure you set the parameters in the file to read:
Port 22 (yes you can use the default OpenSSH default port)
AuthorizedKeyFile = c:\programdata\ssh\administators_authorized_keys
PasswordAuthentication no
After adding (appending) the new key to the above file like so under the Windows Admin account
% type c:\users\myname.ssh\id_rsa.pub >> %programdata\ssh\administrators_authorized_keys
Test ssh command to receive the “authentication” message.
And try the git clone again with the SSH protocol. Good luck.
I think you are missing the point Gitea can have a builtin ssh server on windows. It manages the authorized_keys by adding the command=“” to force it only allow gitea access. You are modifying the authorized keys yourself. I think the problem is the gitea process has no access to modify the OpenSSH on windows authorized_keys file? As SSH public keys are managed from the web gui by users…