The solution was found here: SSH works in putty but not terminal
in Ubuntu 13.10/12.10, login and gain sudo access.
Edit /etc/ssh/ssh_config
, uncomment the following lines
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no
MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
Add the following line
HostKeyAlgorithms ssh-rsa,ssh-dss
You should end up with your /etc/ssh/ssh_config
file looking like this
Host *
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no
HostKeyAlgorithms ssh-rsa,ssh-dss
Now run ssh -T -v git@github.com
and it will ask you to add the server to your known hosts file. Hit yes, and then it should welcome you to the server.
Hi ****! You've successfully authenticated, but GitHub does not provide shell access.
Wow this is an excellent question I don't understand why this hasn't gotten more attention (Maybe because it's not exactly security related than SU).
There is a hacker news discussion about it - https://news.ycombinator.com/item?id=7792026
This is not a major issue but you could do some serious abuse with it -
- You can publish commits from famous people making it look like they endorse your project and actively contribute to it.
- You can fake the amount of contributors your project actually has by using multiple identities of other real GitHub users. (this will look way more legit than just using random e-mails)
- You might be able to convince someone to merge a pull request into his project by making him think most commits are coming from another trusted user
Recently GitHub been criticized for also allowing project owners to edit comments of users replying in their project making it look like they wrote stuff they didn't write which can lead to serious abuse. This is a very similar thing.
As other answers has mentioned this is how Git was designed. in an internal repo you don't care much about this stuff and you mostly care about managing code and not reputation. GitHub on the other way is a social tool and should care about its user public reputation (as mentioned in the hacker news discussion this solvable by PK encryption. many users already have PK assigned to their GitHub account for push permissions I would imagine same key can be used to sign commits )
Best Answer
My guess:
Your old repositories used SSH remotes (
git@github.com:
orssh://git@github.com/
prefixes), which used public-key authentication. (In fact, the Github SSH server never asks for a password.)Your new repositories use HTTP remotes (
https://username@github.com/
), which only support password-based HTTP Basic authentication and do not use your SSH keys.Change your remote URLs to use SSH again. Use
git remote set-url
or edit.git/config
to do this. Replacewith just
You can even have an entry in your
~/.gitconfig
that tells git to translate remote URLs from HTTP or Git to SSH.This way, if your repository is configured for a HTTP or Git remote, git will ignore that setting when pushing and will use SSH instead.
(An
insteadOf =
setting is also possible, to override both pulling and pushing.)