failed to authenticate SSH session

[harilet]

I am trying to push to a github repo using the ssh remote but I am getting an error
failed to authenticate SSH session: ; class=Ssh (23)

the code

fn push(repo_location: &str, origin: &str) {
    let repo = Repository::open(repo_location).unwrap();
    let mut origin = repo.find_remote(&origin).unwrap();

    let branch = repo.find_branch(&"main", BranchType::Local).unwrap();

    let branch_ref = branch.into_reference();
    let branch_ref_name = branch_ref.name().unwrap();
    repo.set_head(branch_ref_name).unwrap();

    let mut remote_callbacks = git2::RemoteCallbacks::new();
    remote_callbacks.credentials(|_url, _username_from_url, _allowed_types| {
        match git2::Cred::ssh_key(
            _username_from_url.unwrap(),
            // Some(std::path::Path::new("<home>/.ssh/github/id_rsa.pub")),
            None,
            std::path::Path::new("<home>/.ssh/github/id_rsa"),
            None,
        ) {
            Ok(cred) => {
                println!("credential creation success");
                Ok(cred)
            }
            Err(e) => {
                println!("credential creation Failed: {:#?}", e);
                Err(e)
            }
        }
    });

    let mut push_options = git2::PushOptions::new();
    let mut_push_options = push_options.remote_callbacks(remote_callbacks);

    match origin.push(&[branch_ref_name], Some(mut_push_options)) {
        Ok(_) => {
            println!("push-pushed to remote")
        }
        Err(e) => {
            println!("push-failed to push to remote: {}", e)
        }
    };
}

and I am getting this output

and I am able to read the key file

can anyone help?

[harilet]

if I also add the public key it's an infinite loop not stopping and re-trying

[harilet]

@vlad-anger I saw you in a libgit2 PR. Can you help? or tag someone who can?

[vlad-anger]

Can you help?

@harilet Yes

1. Your code works. I've tested (with ssh auth, all good)
2. Problem you have is related to ssh agent. You need to ensure you have proper one running before invoke program. I would recommend you to check
   general info + agent discussion
   Run agent windows/mac

[harilet]

so even though git push origin main works for me and I am passing the key in the following code and not using the ssh_key_from_agent still need to use ssh agent?

git2::Cred::ssh_key(
            _username_from_url.unwrap(),
            // Some(std::path::Path::new("<home>/.ssh/github/id_rsa.pub")),
            None,
            std::path::Path::new("<home>/.ssh/github/id_rsa"),
            None,
)

[vlad-anger]

I can push with killed ssh-agent. Cred callback with priv. key seems to be sufficient (which intuitively makes sense). But i'm not that knowledgeable & sure, It's libgit2 under hood.
So because it works for me with priv. key & without ssh agent, could you recheck your key is fine & you have added it to git remote you are pushing? (So it's not auth issue)

[harilet]

I think the key and git remote are fine cause the git push origin main is working
and then I ran ssh -T [email protected] -v and I can see the following

my id_rsa is a publickey?

[vlad-anger]

my id_rsa is a publickey?

You can name files how you want, but most likely It's private, public should be id_rsa.pub
You can verify it's private by file start: -----BEGIN OPENSSH PRIVATE KEY-----

Btw do you have chance to test on linux machine | in vm, just to cut area of issue?

[harilet]

my id_rsa starts with -----BEGIN OPENSSH PRIVATE KEY-----
I am using windows11

[vlad-anger]

I am using windows11

I'm not sure if issue is related to libgit2 + windows, or still tricky thing with your keys
But i can't help much unless you can test it in linux VM for ex., so we can know for sure

[VladasZ]

I think I'm having similar issue. So at first I setup creds like this:

        let mut callbacks = RemoteCallbacks::new();
        callbacks.credentials(|url, username_from_url, allowed_types| {
            println!("Connecting to: {url}");

            if allowed_types.is_ssh_key() {
                return Cred::ssh_key_from_agent(username_from_url.unwrap_or("git"));
            }

            Err(git2::Error::from_str("No valid credentials available"))
        });

It worked fine on macOS but failed on Windows.

It just goes into infinite loop and calls callbacks.credentials over and over again and never finishes.

Then I tried to manually get the key like this:

        let key = Cred::ssh_key(
            "git",
            Some(&public_path()),
            &private_path(),
            Some("PASSWORD"),
        )?;

On macOS it works if password is correct. If the password is wrong it goes in the same infinite loop.

On Windows it never works.

It is obviously failing and trying to get the key again but my main question is where can I get error messages from these fails? Why does it tries to get the key over and over again instead of just failing with error message?

[harilet]

when I don't use the public key I get failed to authenticate SSH session: ; class=Ssh (23)
when I do use it it goes into a infinite loop and I usually just kill it

in some link @vlad-anger gave, there ssh agent was being used, so I tried this

remote_callbacks.credentials(|_url, _username_from_url, _allowed_types| {
        git2::Cred::ssh_key_from_agent(_username_from_url.unwrap())
});

and it works fine

[VladasZ]

git2::Cred::ssh_key_from_agent(_username_from_url.unwrap()) works on Windows for you?
On my system it returns Ok but still goes into infinite loop of calling remote_callbacks.credentials

[harilet]

Yes, worked in windows for me

code:

fn push(repo_location: &str, origin: &str) {
    let repo = Repository::open(repo_location).unwrap();
    let mut origin = repo.find_remote(&origin).unwrap();

    let branch = repo.find_branch(&"main", BranchType::Local).unwrap();

    let branch_ref = branch.into_reference();
    let branch_ref_name = branch_ref.name().unwrap();
    repo.set_head(branch_ref_name).unwrap();

    let mut remote_callbacks = git2::RemoteCallbacks::new();
    remote_callbacks.credentials(|_url, _username_from_url, _allowed_types| {
        git2::Cred::ssh_key_from_agent(_username_from_url.unwrap())
    });

    let mut push_options = git2::PushOptions::new();
    let mut_push_options = push_options.remote_callbacks(remote_callbacks);

    match origin.push(&[branch_ref_name], Some(mut_push_options)) {
        Ok(_) => {
            println!("pushed to remote")
        }
        Err(e) => {
            println!("failed to push to remote: {}", e)
        }
    };
}

Output:

[VladasZ]

Where can I get the error messages when it goes in the infinite loop to understand what goes wrong in my case?

[harilet]

Error message

code:

    remote_callbacks.credentials(|_url, _username_from_url, _allowed_types| {
        git2::Cred::ssh_key(
            _username_from_url.unwrap(),
            None,
            std::path::Path::new(&format!("{}/.ssh/github/id_rsa",home)),
            None,
        )
    });

output:

Loop

code:

    remote_callbacks.credentials(|_url, _username_from_url, _allowed_types| {
        println!("Connecting to: {_url}");
        git2::Cred::ssh_key(
            _username_from_url.unwrap(),
            Some(std::path::Path::new(&format!("{}/.ssh/github/id_rsa.pub",home))),
            std::path::Path::new(&format!("{}/.ssh/github/id_rsa",home)),
            None,
        )
    });

output:

[VladasZ]

I get error message too if I remove public key and infinite loop with it.
But still why does it get into infinite loop? Where is the error message from that?

[harilet]

I don't see an error for the infinite loop, can I see it if I open and repack git2::Cred::ssh_key?