Initial Authentication Issues

I’ve had a Github account for some time, and posted a test repo a couple of years ago. I’m starting in the CLI and I can’t get my certificate to work. Github isn’t approving me.

I have two certs on my workstation. I made one specifically for Github. I tried using that cert, and I’ve moved back to my original cert, because the second cert created confusion with ssh into other boxes.

So I created a remote repo with a similar name and on my workstation as well. I copied the files into that local repo and it still won’t work. At this point I don’t know what to do. Any advice appreciated how I can handle this.

Cheers

if you are referring to GitHub CLI see this CLI manual page here https://cli.github.com/manual/gh_auth.

If you are referring to GitBash or GitCMD provided with git-scm client. There is help documentation here https://docs.github.com/en/authentication/connecting-to-github-with-ssh. There is also a troubleshooting section there also. Alternatively you can use sign in with browser or a personal access token which is often easier for users unfamiliar with how to configure SSH keys/

Didn’t know there were so many packages out there.

https://git-scm.com/

Made one key some time ago for other applications, and made another for this application, and neither work. I’ll have a look at your last link.

OK, so generated a third cert and it is still asking for un/pw for authentication, only to say it’s outdated. Not sure why it isn’t looking into the .ssh directory for keys.

BTW this is on a Mac Monterey.

This probably means your repository is still configured with a HTTPS URL for the GitHub remote. You need to change the URL to the SSH one to authenticate with SSH. Hope that helps! :smiley_cat:

The problem is that it’s not seeing the remote, probably because it’s set to HTTPS. The error: No such remote 'myrepo'. So I’m caught. Any ideas?

I used: git remote set-url myrepo https://github.com/daBee/myrepo

Tried this as well, same error:
git remote set-url test123 git@github.com:daBee/test123.git https://github.com/daBee/test123.git

The repo is there. Looking at it.

The point is that if you want to use SSH for authentication, you have to set the remote URL to SSH. If it’s set to HTTPS you have to use username and token for authentication.

git remote set-url origin git@github.com:daBee/test123.git

should work in most cases (assuming you use the default name origin for the GitHub remote).

You you don’t mean SSH authentication please clarify what you are trying to do.

Yes, I understand what I’m trying to do. That’s not the issue. It’s just not happening for some reason. Every time I go to push, it says the repo is not there.

What I just tried, last for tonight:

git remote set-url origin git@github.com:daBee/test123.git
git add -A
git commit -m "first commit"
git branch -M main
git remote add origin git@github.com:daBee/test123.git
git push -u origin main


On branch main
nothing to commit, working tree clean
error: remote origin already exists.
Enumerating objects: 10, done.
Counting objects: 100% (10/10), done.
Delta compression using up to 8 threads
Compressing objects: 100% (4/4), done.
Writing objects: 100% (10/10), 702 bytes | 702.00 KiB/s, done.
Total 10 (delta 0), reused 0 (delta 0), pack-reused 0
remote: error: GH007: Your push would publish a private email address.
remote: You can make your email public or disable this protection by visiting:
remote: http://github.com/settings/emails
To github.com:daBee/test123.git
 ! [remote rejected] main -> main (push declined due to email privacy restrictions)
error: failed to push some refs to 'github.com:daBee/test123.git'

There’s your problem! This has nothing to do with authentication. Either change the author email address in your commits, or decide to make your email address public.

They are both the same and set to private. Why do I need a second email private email? I was also told that my public-key had nothing to do with emails. So I need one email on github, and a different one locally? I’m really confused now.

That is correct.

That depends on what you want. Git records the configured author name and email address in each commit you make. This information is available to everyone with access to the repository.

GitHub uses the email address to assign commits to user accounts. Some people might not want to make their actual email address available to others, in that case you can use a pseudo-address (“pseudo” as in, it looks like an email address, but you can’t send mail to it) similar to 1234567+username@users.noreply.github.com, and it’ll work to match your commits, too. Additionally there’s the option to block pushes that would expose your actual mail address. It looks like you have enabled that, and the commits you’re trying to push contain your actual email address.

So the question is: Do you want to make your email address public, or use the users.noreply.github.com address for your commits on the command line, too?

I don’t want to publish. I’ve set that already. But having my proper email in both my cert generation and what’s on github, still kicks up that error. So even moving to a spoofed email address, wouldn’t the problem still be there? The problem, as it stands and as has been presented, is that the authentication of the proper email isn’t working for some reason, on a push already. So I’m confused as to what to do.

What do you mean by “cert generation”?

No. The error message you quoted above clearly states what the issue is, and it’s about the commits being pushed containing the email address you want to keep private. That has nothing to do with authentication. If you want to keep your email address private, you need to replace it with the users.noreply.github.com one for your account in those commits.

I make my public-keys here on my workstation. It requires an email address, spoofed or otherwise. OK the syntax/error is not clear enough for me to understand then. That might need to be re-worded. I will generate another key and try again.

Ah, so you mean the public key pair for SSH? That already works, otherwise you wouldn’t get the error message you see. No need to create a new one. The identifier for an SSH key usually looks like a mail address (user@host) but doesn’t matter whatsoever.

Once again, the error message is about the commits being pushed, and the author data in those.

OK, let’s focus on that. My commits are git commit -m 'first commit'.

Check git log. I assume you’ll see your (private) mail address in the Author field, at least for some commits.

Also look at git config user.email. That’s the mail address Git will record as the author email when you create a commit.

100% same email. log entries and config user.email. Everything I’m using is the same email.

Is that email address the one you want to keep private?

Yes. I wasn’t under the impression that using this email, would mean it’s published, given the options on the web interface.

Author information for each commit is part of the repository history, so it’s available to anyone with access to the repository. If the repository is public that means it’s visible to the world. I assume the “Block command line pushes that expose my email” option exists exactly because that’s a possible misunderstanding, and to prevent mistakes. But it doesn’t change the commits when you push (otherwise the pushed history wouldn’t fit the local one), it only prevents the push exactly as you saw.

So, if you want to keep your mail address private for future commits you should set your user.email to your users.noreply.github.com address (you can find it in the email section of settings).

To push the already existing commits without revealing your mail address you’ll have to rewrite the repository history, or if it was just a test repository (like the name test123 indicates) discard it and try again.