Clever Geek Handbook

Can't access AWS CodeCommit with SSH

Having an incredibly difficult time figuring out how to get AWS CodeCommit to work with standard SSH authentication. Saw another thread like this but there is no answer and I am not allowed to comment yet. This is done on Windows using Git Bash.

Repro steps

  • Created IAM user with full permissions (AwsAdministrator)
  • From Git Bash to ~ / .ssh
  • "cat id_rsa.pub" and copy the output to the clipboard
  • In the IAM console, click the button to add the SSH key and paste into the input field. Click "Save".
  • Trying to access the CodeCommit repository (in this case trying to push) and getting "Permission denied".

Git + SSH exit

This is what I get from SSH with DEBUG3 registration:

debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/Dan/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug2: input_userauth_pk_ok: fp SHA256:<omitted>
debug3: sign_and_send_pubkey: RSA SHA256:<same-as-above>
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
fatal: Could not read from remote repository.

For comparison, this is what I get using the same SSH keys for GitHub:

debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/Dan/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug2: input_userauth_pk_ok: fp SHA256:<same-as-above>
debug3: sign_and_send_pubkey: RSA SHA256:<same-as-above>
debug1: Authentication succeeded (publickey).
Authenticated to github.com ([192.30.252.130]:22).

The above output was to run a regular Git command such as git push origin master

, with the ssh debug protocol included in .ssh/config

:

Host git-codecommit.us-east-1.amazonaws.com
  LogLevel DEBUG3

Host github.com
  LogLevel DEBUG3
+2


source to share


1 answer


It looks like you missed a step in configuring SSH. You need to add this information to your .ssh / config file:

Host git-codecommit.us-east-1.amazonaws.com
   User Your-SSH-Key-ID, such as APKAEIBAERJR2EXAMPLE
   IdentityFile Your-Private-Key-File, such as ~/.ssh/codecommit_rsa or ~/.ssh/id_rsa


You can get your SSH-Key-ID from the IAM console.

+3


source






More articles:


All Articles