unofficial mirror of help-guix@gnu.org 
 help / color / mirror / Atom feed
From: Bone Baboon <bone.baboon@disroot.org>
To: Phil <phil@beadling.co.uk>
Cc: help-guix@gnu.org
Subject: Re: `guix pull` of an ssh channel fails
Date: Fri, 14 May 2021 11:25:16 -0400	[thread overview]
Message-ID: <87zgwxcp7n.fsf@disroot.org> (raw)
In-Reply-To: <87im3mmt7p.fsf@beadling.co.uk>

Phil writes:
>> After running `ssh-agent` and using the environment variables it outputs
>> in the command `SSH_AUTH_SOCK=/tmp/ssh-XXXXXXLfu5ES/agent.18550
>> SSH_AGENT_PID=18551 guix pull` I am no longer getting this error message
>> "guix pull: error: Git error: error authenticating: no auth sock
>> variable".
>>
>> However I now get this error message "guix pull: error: Git error:
>> Failed to retrieve list of SSH authentication methods: Failed getting
>> response`".
>
> When I have seen this error it means the SSH key in the ssh-agent is not
> permissioned to read the contents of the git repo over SSH, containing either the
> channel itself or any other repos referenced in the channel that you hold
> locally.

I had previously added the client's SSH public key to the
`~/.ssh/authorized_keys` file of the computer with the Git repository
with `ssh-copy-id`.  However that did not resolve this error message.

I have changed the permission of the git repository I am trying to use
as a channel with this command `chmod --recursive u=rwx,g=rwx,o=rwx
<git-repository>`.  However this did not resolve this error message.

How would I make the SSH key in the ssh-agent permissioned to read the
contents of the git repository over SSH?  It might already be as I can
successfully git clone the repository.

> I use BitBucket not vanilla Git - the solution in BitBucket is
> to add the public key of the SSH key in your agent to your account with
> read priviledges.  If you happen to be using GitHub you'll need to add
> your key here, I think - it's the same idea: https://github.com/settings/ssh/new

The channel is a vanilla Git repository.

I searched for a Git forge service with `guix search`.  There were no
results for sourcehut, Gitea, Gogs or GitLab.  Any suggestions for a Git
forge service that is packaged for Guix?

> One last test you can do is can you git clone your channel from the
> console?  My guess is this won't work if Guix is also having problems -
> but you can then reduce the problem to one of git not guix.

It looks like there is no problem with SSH.  I can make an SSH
connection to the computer that has the Git repository without needing
to enter a password.  I can also scp files from the computer with the
Git repository without needing to enter a password.

It also looks like there is no problem with Git.  I can clone the
channel `git clone
ssh://<user>@<ip-address>:22/absolute/path/to/<git-repo>/`.  Where
<user> is the user in the output of `ls -l <git-repo>`.


  reply	other threads:[~2021-05-14 15:47 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-11 16:32 `guix pull` of an ssh channel fails Bone Baboon
2021-05-12 20:08 ` Bone Baboon
2021-05-13 17:36   ` Phil
2021-05-14 15:25     ` Bone Baboon [this message]
2021-05-15  7:07       ` Phil
2021-05-15  8:29         ` divoplade
2021-05-17 13:39         ` Bone Baboon

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87zgwxcp7n.fsf@disroot.org \
    --to=bone.baboon@disroot.org \
    --cc=help-guix@gnu.org \
    --cc=phil@beadling.co.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).