How to Fix Permission denied (publickey), git@github.com: permission denied (publickey)
.jpg)
This guide shows easy steps to find and fix the error. You do not need to be an expert. We use clear words and small steps. Follow along and test each step.
Quick Answer
Make an SSH key, add the public key to your Git host (like GitHub), and make sure your SSH agent offers the key. Then test with ssh -T git@github.com. If that works, Git will stop giving the error.
Step-by-Step Solution
-
Know the exact error and URL.
Read the message in your terminal. If it saysPermission denied (publickey)and your remote URL looks likegit@github.com:user/repo.git, your computer tried SSH. If the URL starts withhttps://, the problem is different. Usegit remote -vto check the URL. -
Look for existing SSH keys on your computer.
Open a terminal and run:
You may see files likels -la ~/.sshid_rsaandid_rsa.puborid_ed25519andid_ed25519.pub. The.pubfile is the public key you paste to a web site. If you do not see key files, you will make one. -
Create a new SSH key if you need one.
Run:
If your system does not support ed25519, use:ssh-keygen -t ed25519 -C "your_email@example.com"
Press Enter to accept the default location. You can add a passphrase for extra security or press Enter twice to skip it.ssh-keygen -t rsa -b 4096 -C "your_email@example.com" -
Start the SSH agent and add your key.
On macOS or Linux:
On Windows Git Bash:eval "$(ssh-agent -s)" ssh-add ~/.ssh/id_ed25519
If you use Pageant (PuTTY) on Windows, open Pageant and add the private key there.eval $(ssh-agent -s) ssh-add /c/Users/you/.ssh/id_ed25519 -
Copy the public key to your Git host.
Show the public key:
Copy the text that starts withcat ~/.ssh/id_ed25519.pubssh-ed25519. In GitHub, go to Settings > SSH and GPG keys > New SSH key. Give it a name and paste the key. For GitLab, go to Profile > Settings > SSH keys. For Bitbucket, go to Personal settings > SSH keys. -
Check file permissions.
SSH can ignore keys if the files are too open. Run:
On Windows, make sure yourchmod 600 ~/.ssh/id_ed25519 chmod 644 ~/.ssh/id_ed25519.pub.sshfolder is not shared and is only for your user account. -
Test the SSH connection.
Run:
A success reply looks like:ssh -T git@github.com
If you still see permission denied, run with verbose mode:Hi username! You've successfully authenticated, but GitHub does not provide shell access.
Look for lines that say "Offering public key" and "Authentications that can continue".ssh -vvv git@github.com -
Use an SSH config file when you have many keys.
If you use more than one Git account or key, make a~/.ssh/configfile. Add this block:
For a second account, use a different Host name likeHost github.com HostName github.com User git IdentityFile ~/.ssh/id_ed25519github-workand the right key. -
Check common mistakes.
- Did you accidentally run Git with
sudo? Do not usesudofor regular Git. - Did you copy the wrong public key? Check
cat ~/.ssh/id_ed25519.pub. - Is your key expired or weak? Use ed25519 or RSA 4096.
- Are you behind a VPN or firewall that blocks SSH? Try disabling it briefly.
- Did you accidentally run Git with
Troubleshooting and Extra Tips
- Windows notes: Windows can use the built-in OpenSSH agent or Pageant. For WSL, generate keys inside WSL and add them to your Git hosting account from WSL. On Windows, use
clip < ~/.ssh/id_ed25519.pubto copy the key fast. - Multiple accounts: If you push to several Git hosts, add all your keys to the SSH agent. Use the
~/.ssh/configto pick the right key for each host. - SSH agent forgets keys after restart: Add the key to your ssh-agent startup or use a key manager like Keychain on macOS, or enable the ssh-agent service on Windows.
- HTTPS as a quick fallback: If you need to push fast, switch to the HTTPS repo URL. Use
git remote set-url origin https://github.com/user/repo.gitand use a personal access token if needed. - Debug logs are your friend: Run
ssh -vvv git@github.comto see exactly what SSH tries. The logs show which key files are offered. - Check your account settings: Make sure the public key is in the correct account. If you have multiple GitHub accounts, you may have added the key to the wrong one.
Useful Sources
Related guides:
Who This Helps
This guide helps students, hobby coders, and new developers. It helps people who moved their code, set a new computer, or switched accounts. If you use Git often, this guide will save time.
FAQ
Q: Can I use HTTPS instead of SSH?
A: Yes. HTTPS works with a username and token. Use HTTPS if you do not want to set SSH keys.
Q: What is ssh-agent?
A: ssh-agent is a small program that holds your private key in memory. It lets you use a key without typing the passphrase every time.
Q: What if I used sudo?
A: sudo runs commands as root. Root has a different ~/.ssh. Run Git as your user, not root.
Q: Why does ssh -T say \"no more authentication methods available\"?
A: This means SSH tried keys but none were accepted. Check the key is added to your account and the agent.
Q: Can a firewall block this?
A: Yes. Some networks block SSH (port 22). Git hosts may also offer SSH on other ports or support HTTPS.
Extra Example Commands
# List keys the agent has
ssh-add -l
# Copy public key on macOS/Linux
cat ~/.ssh/id_ed25519.pub | pbcopyWhy This Is So Common Now
Many people move to new laptops or use cloud shells. New dev tools also ask for stronger keys. Tools like GitHub, GitLab, and Bitbucket update their docs to prefer secure keys. This means more users see the error when they miss one step.
Deploy Keys and CI
If a server or CI job needs to pull a repo, use a deploy key or a machine key. A deploy key is a key added to one repository only. It is safer for servers. Do not share your personal private key with public servers.
Final Test
After you add the key, try git clone or git push again. If it works, you are done. If not, re-run ssh -vvv, check ~/.ssh/config, and confirm the public key is in the correct account.
Comments
Post a Comment