Git & SSH Troubleshooting
This article walks you through troubleshooting some of the most common Git issues on Pagoda Box.
Confirm You've Added Your SSH Key to Your User Account
In order for Git/SSH to successfully authorize with Pagoda Box, you must first add your public SSH key to your Pagoda Box account. You can see what SSH key(s) you've added to your account by clicking on your user image in the upper right corner of your dashboard and going to Account Admin > SSH Keys.
If no SSH keys have been added, the Setting Up SSH doc walks through how.
Confirm You've Verified Your User Account
Before you can push your own code to Pagoda Box, you must first verify your account. The Account Verification doc provides more information.
SSH Authorization Failure & SSH Fingerprint
Whenever you try to connect to Pagoda Box through an SSH connection, your local machine sends one of the keys you've added to your local SSH agent. Every SSH key has a fingerprint. Whenever there's an SSH authorization error, the fingerprint of the SSH key sent with the connection request is displayed in the error output.
Example SSH Authorization Failure Terminal
::::::::::::::::: AUTHORIZATION FAILURE !!! We're sorry, the SSH key provided is not authorized for this repo. ssh fingerprint provided: aa:bb:cc:dd:ee:ff:00:11:22:33:44:55:66:77:88:99
This is the fingerprint of the key your machine sent when trying to authorize the SSH connection.
The fingerprints of each SSH key you've added to your account are shown in your dashboard. Compare the fingerprint shown in the error output to the SSH fingerprint(s) of the key(s) added to your Pagoda Box account.
The Fingerprint Matches a Key Added to Your Account
If the fingerprint shown in the connection error output does match a key added to your account, it means you're trying to connect to a service or push to an app that your user account does not have access to. You have not been added as a team member on the app. It could also mean that the git clone url tied to the remote to which you're trying to push is wrong (more info below).
The Fingerprint Does NOT Match a Key Added to Your Account
If the fingerprint shown in the SSH connection error does not match any key added to your user account, it means your local machine is sending a key that Pagoda Box doesn't know about. To see exactly which key is being sent, you'll need to compare the fingerprint shown in the SSH authorization error output with the fingerprints of your local keys.
To view the fingerprints of the keys added to your local SSH agent, run the following:
Viewing Local SSH Fingerprints Terminal
$ ssh-add -l
Fingerprint Matches a Local Key
If the fingerprint shown in the authorization error output does match a local key, you have two options:
Add the matching key to your Pagoda Box account. The Setting Up SSH doc explains how.
If you have multiple keys locally, the SSH agent is likely sending the wrong one. You can specify which key the SSH agent should use when pushing to Pagoda Box. Just be sure the key you specify has been added to your user account.
Fingerprint Does NOT Match a Local Key
If the fingerprint shown in the authorization error does NOT match any of the keys registered to your local SSH-agent, it means your local SSH agent doesn't know about the key that's being used. In this case, you'll need to add all your generated keys to your local SSH-agent.
Adding Keys to Your Local SSH Agent Terminal
# List keys stored in your .ssh directory $ ls ~/.ssh # Add a key pair to your ssh agent $ ssh-add ~/.ssh/keyname
Below is a quick example of the workflow:
Example of Adding Keys to Your Local SSH Agent Terminal
$ ls ~/.ssh github_rsa github_rsa.pub id_rsa id_rsa.pub known_hosts pagoda_rsa pagoda_rsa.pub $ ssh-add ~/.ssh/github_rsa Identity added: github_rsa (github_rsa) $ ssh-add ~/.ssh/id_rsa Identity added: id_rsa (id_rsa) $ ssh-add ~/.ssh/pagoda_rsa Identity added: pagoda_rsa (pagoda_rsa)
Now if you run
ssh-add -l, you'll see the newly added keys and their fingerprints. Compare the newly added key fingerprints to the key shown in the SSH authorization output and take any appropriate steps.
Specify Which Key to Use with Pagoda Box
By default, your local SSH agent will use the default key,
id_rsa. However if you didn't use the default name or you've created multiple keys, you need to tell the SSH agent which key to use when pushing to Pagoda Box. This is done in your local SSH config file located at
SSH Config SSH
Host git.pagodabox.io User git Hostname git.pagodabox.io PreferredAuthentications publickey IdentityFile ~/.ssh/keyname
You may also need to update the permissions on your .ssh folder and its contents. The SSH application will ignore secret files that are too permissive.
Update .ssh Permissions Terminal
$ chmod 700 ~/.ssh $ chmod 600 ~/.ssh/*
SSH Keys in Non-Default Location or using Non-Default Name
If your key is not at the default location(~/.ssh/) or it's using a Non-Default Name(id_rsa), move/rename it or run the following command to make SSH aware of it's existence.
Add SSH Key Path Terminal Terminal
$ ssh-add path/to/key
SSH Keys Generated Using Different User
Keep in mind that SSH keys are user specific. If you generated keys using "sudo ssh-keygen", then those keys will only be available to sudo. So you can either run all your GIT commands as sudo(not recommended) or regenerate SSH keys for your user and paste the new public key(id_rsa.pub) into your Pagoda Box account.
Check Your Git Remote's Clone URL
Make sure the clone url tied to the remote to which you're pushing matches the clone url of your app.
View Your Remotes' Clone URLs Terminal
$ git remote -v pagoda firstname.lastname@example.org:apps/app-name.git (fetch) pagoda email@example.com:apps/app-name.git (push)
Ensure the clone url of the remote to which you're trying to push exactly matches the clone url of your app. Your app's clone URL can be found in your dashboard under Admin > App Info.
Table of Contents
- The Fingerprint Matches a Key Added to Your Account
- The Fingerprint Does NOT Match a Key Added to Your Account
- Viewing Local SSH Fingerprints
- Fingerprint Matches a Local Key
- Fingerprint Does NOT Match a Local Key
- Adding Keys to Your Local SSH Agent
- Example of Adding Keys to Your Local SSH Agent
If you have any questions, suggestions, or corrections, let us know.