I am new to Manjaro and the installation worked great. Now I would like to clone some repos from Github using SSH, but nothing seems not work. I tried:
[andreas@Bixente ~]$ ssh-add -l
Could not open a connection to your authentication agent.
[andreas@Bixente ~]$ eval "$(ssh-agent -s)"
Agent pid 5346
[andreas@Bixente ~]$ ssh-add -l
The agent has no identities.
[andreas@Bixente ~]$ ssh-add ~/.ssh/github
Identity added: /home/andreas/.ssh/github (andreas@Bixente)
[andreas@Bixente ~]$ git clone git@github.com:Username/project.git ~/TestDir
Cloning into '/home/andreas/TestDir'...
Connection closed by 140.82.121.3 port 22
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I tried ssh on other hosts (bitbucket, webserver) and default key naming - same result. When I tried using another machine it worked worked.
I have no idea what to try next. This gives me a headache.
Given the “freshly installed” it might the case that you’re transferring from an older LTS-type distribution? When I recently did from Mint I found that the newer Manjaro SSH had deprecated some older-type RSA keys due to vulnerabilities. You can in the case of github supposedly just generate and use a different keypair which I’d suggest – but if this is the issue and you really, really can’t, you can re-enable those older-type RSA keys with in /etc/ssh/ssh_config:
But don’t as said do any of that if you can just generate a new keypair, and of course, this while assuming it’s the problem in the first place; see initial ssh -v advise frst.
All the keys I tried are new created. Furthermore the -v option does not give me much in this case…
[andreas@Bixente ~]$ GIT_SSH_COMMAND="ssh -v" git clone git@github.com:Username/project.git Test
Cloning into 'Test'...
OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to github.com [140.82.121.4] port 22.
debug1: connect to address 140.82.121.4 port 22: Connection timed out
ssh: connect to host github.com port 22: Connection timed out
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
This is undoubtedly to say you’re going to have some sort of firewall active. Just tested things here and all works without issue: you are going to need to fix your “secuwity”.
That most likely means that somewhere in your network route port 22 is being blocked, could be your own setup or your ISP…
Try to use a VPN if it’s your ISP i guess…
But, if your end-goal is to just clone a repo, then use the http(s): variant instead of the git: variant…
Timeout is not same as closed
Ofcourse it will close after that, but the reason it can’t connect is because of the time out, eg trying to connect in first place which doesn’t get any response back…
Quite, and such was the reason for me giving it high probability a machine-local firewall was butting in. ufw isn’t the only such available firewall but certainly the most expected.
On a normal Manjaro install ssh works fine out of the box and including to GitHub; I tested your specific usecase and all’s fine here. I can’t for the life of me think of anything which you would/should not be aware of having done on that freshly installed Manjaro that would cause a connect timeout.
So. Did you do anything as to firewalls or alike? If not – can you ping that shown IP?
Connection timeout - this may happen when the IP-packets doesn’t reach the destination. This could be restrictions and the restrictions may be designed to silently drop the traffic (restrictive parties comes to mind) in which case it will create further challenges if one were to circumvent the restrictions as you cannot possible know why the connections drops - especially when a ping works - you just get more confused - which is the intention of such restriction - make it as difficult as possible to locate the cause.
But then - I don’t know it that is valid for your use-case.
If a restriction has been implemented on the network you are using - a ping is not a sure sign of being able to pull data from other services as ICMP is a completely different mechanism.
The messages is describing two very diffent scanarios.
Manjaro does NOT block any outgoing connections - and does not provide any active services accessible from outside (except the ARM images targeting small single board systems).
I don’t know if the installed firewall is enabled by default - in any case this would never affect outgoing connections.
So - your issue lies in-between systems - most likely your ISP or perhaps a country which restricts access to certain parts of the internet.
Demonstration to state the fact that this it is not a Manjaro issue
The issue may be due to a deprecated cipher as - a while ago - there was a major update to SSH on Manjoro which rendered may SSH connection not workable.
So while github may still support the older keys - the Arch client implementation does not - which will cause a failing connection.
I am amazed by the quick help of this community, thanks a lot.
As a last option I have installed and used VPN and out of the blue I can clone my repos now! SSH works as expected. All this still gives me a headache, because I am located in Germany and I do not have these problems with other machines within the same network.
I don’t know, if this counts as a solution. I’d rather have an explanation for this behaviour.