Closed ezzatron closed 7 years ago
Same version of Grit all along?
Yes, I've only ever installed it once.
I wonder whether @koshatul might be able to provide some insight 🤞
Not sure if it's relevant, but so far only users to hit this problem are using zsh.
So after talking with kosh, what I think I know is that it's ssh-agent related, and probably something to specific to Go's implementation. @Koshatul, were you able to reproduce this under bash reliably?
@ezzatron, can you try the binary in this archive please? It's a debug build that prints out the public keys that are made available to it from the agent. Note that it will print them once for each of the Grit sources you have defined.
I think I've figured out how to reproduce. I have my SSH key added to the macOS Keychain. This can be accomplished by running:
$ ssh-add -K [path/to/private SSH key]
In my ~/.ssh/config
file I have these settings:
Host *
UseKeychain yes
AddKeysToAgent yes
After a fresh reboot, ssh-add -l
spits out:
The agent has no identities.
Running grit at this time will produce something like:
$ grit clone org/repo
probing 2 source(s) for org/repo
github: trying git@github.com:org/repo.git
ghe: trying git@github.example.org:org/repo.git
ghe: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
github: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
could not find 'org/repo' at any of the configured sources
If I then SSH to any server using the standard macOS ssh client:
ssh something
The ssh-add -l
command now spits out:
4096 SHA256:<redacted> (RSA)
And grit now works fine:
$ grit clone org/repo
probing 2 source(s) for org/repo
github: trying git@github.com:org/repo.git
ghe: trying git@github.example.org:org/repo.git
ghe: found git@github.example.org:org/repo.git
...
So it seems that there is some hook in the macOS SSH system to lazily add keys from the keychain to the SSH agent before connecting, and the Go implementation of SSH obviously doesn't do this.
@ezzatron after our last discussion I think we agreed that this is best solved by something in zsh init scripts?, please close if true
To be clear, it has nothing to do with zsh. It's a macOS thing. But yes,
adding ssh-add -A
to a startup script will add keys from the keychain to
the agent.
On Mon., 13 Nov. 2017, 9:00 am James Harris, notifications@github.com wrote:
@ezzatron https://github.com/ezzatron after our last discussion I think we agreed that this is best solved by something in zsh init scripts?, please close if true
— You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub https://github.com/jmalloc/grit/issues/48#issuecomment-343775828, or mute the thread https://github.com/notifications/unsubscribe-auth/AAGHOBCFYLI30x1yLrtEKz6yiLm3soy5ks5s13iWgaJpZM4QXNc8 .
Sometimes I get this:
Grit has previously been working fine for me.