Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Linux: Incorrect permissions on SSH keys.

See original GitHub issue

Discovered when attempting git based deployment that uses private repo within NPM.

Relevant part of the logs:

remote: npm ERR! Bad owner or permissions on /home/6431f78a17d565eb48d79cd2/.ssh/config
remote: npm ERR! fatal: Could not read from remote repository.
remote: npm ERR!
remote: npm ERR! Please make sure you have the correct access rights
remote: npm ERR! and the repository exists.
remote: npm ERR!
remote: npm ERR!
remote: npm ERR! If you need help, you may report this error at:
remote: npm ERR!     <https://github.com/npm/npm/issues>

I’m going to take a guess that its because the ssh keys have been created with no owner, or at least not the correct owner which I’m assuming to be ‘6431f78a17d565eb48d79cd2’ in this case.

/home>ls -la 6431f78a17d565eb48d79cd2/.ssh
total 5
drwxrwxrwx 2 nobody nogroup    0 Jan 26 10:52 .
drwxrwxrwx 2 nobody nogroup    0 Jan 26 10:51 ..
-rwxrwxrwx 1 nobody nogroup   34 Jan 26 10:52 config
-rwxrwxrwx 1 nobody nogroup 1679 Jan 26 10:52 id_rsa
-rwxrwxrwx 1 nobody nogroup  380 Jan 26 10:52 id_rsa.pub

The public key itself works no problem when pulling the repo’s on my local machine so I feel like it’s only permission based.

Issue Analytics

State:
Created 7 years ago
Comments:5 (3 by maintainers)

Top GitHub Comments

1reaction

nickwalkmsftcommented, Jan 26, 2017

Hey @jackturnbull,

This is a known issue with Kudu on Linux at the moment. A fix is forthcoming.

ssh does an extended check on ~/.ssh/config and halts if the owner or permissions aren’t what it expects; see the “Files” section at the very bottom of the ssh_config man page. Due to the way the environment is set up, it’s not possible to change the owner or permissions on files in /home. chmod and chown will fail silently.

A fix is forthcoming. Although I haven’t tested it, an interim workaround that should work is to use the Kudu Bash console to delete /home/$KUDU_RUN_USER/.ssh/config, and add an entry to the known_hosts file for the remote server. A limitation of this is that Kudu will recreate the config file if you ever regenerate the key, which will happen if you disconnect/reconnect to source control, but you should be able to operate without it as long as there is a known_hosts entry for the remote.

0reactions

nickwalkmsftcommented, Mar 3, 2017

Fix is live. CI from private repos and any other repository accessed via ssh is enabled.