git - Gogs throws a "Permission denied" error when I delete public key file from client -

i installed gogs (go git server) on raspberry pi3 using offical gogs/gogs-rpi docker image, run as suggested :

docker run --name=gogs -p 10022:22 -p 10080:3000 -v /var/gogs:/data gogs/gogs-rpi 

i used laptop register admin user via gogs webinterface , added public key account. can clone git repositories pi laptop using command:

git clone ssh://git@192.168.178.50:10022/peter/my_repo.git 

i enter key-phrase , works fine.

now strange part... when delete public key file (id_rsa_gogs.pub) laptop , run above command again 'access denied' error.

does know be? registered public key in gogs. why need have version of public key on client machine? never heard of case in public key needs stay client.

udapte

if rm .pub keyfile , run ssh -tv git@192.168.178.50 -p 10022 -i /home/peter/.ssh/id_rsa_gogs this:

openssh_7.2p2 ubuntu-4ubuntu2.2, openssl 1.0.2g  1 mar 2016 debug1: reading configuration data /home/peter/.ssh/config debug1: reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: applying options * debug1: connecting 192.168.178.50 [192.168.178.50] port 10022. debug1: connection established. debug1: key_load_public: no such file or directory debug1: identity file /home/peter/.ssh/id_rsa_gogs type -1 debug1: key_load_public: no such file or directory debug1: identity file /home/peter/.ssh/id_rsa_gogs-cert type -1 debug1: enabling compatibility mode protocol 2.0 debug1: local version string ssh-2.0-openssh_7.2p2 ubuntu-4ubuntu2.2 debug1: remote protocol version 2.0, remote software version openssh_7.4 debug1: match: openssh_7.4 pat openssh* compat 0x04000000 debug1: authenticating 192.168.178.50:10022 'git' debug1: ssh2_msg_kexinit sent debug1: ssh2_msg_kexinit received debug1: kex: algorithm: curve25519-sha256@libssh.org debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com mac: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com mac: <implicit> compression: none debug1: expecting ssh2_msg_kex_ecdh_reply debug1: server host key: ecdsa-sha2-nistp256 sha256:[removed] debug1: host '[192.168.178.50]:10022' known , matches ecdsa host key. debug1: found key in /home/peter/.ssh/known_hosts:18 debug1: rekey after [removed] blocks debug1: ssh2_msg_newkeys sent debug1: expecting ssh2_msg_newkeys debug1: rekey after [removed] blocks debug1: ssh2_msg_newkeys received debug1: ssh2_msg_ext_info received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521> debug1: ssh2_msg_service_accept received debug1: authentications can continue: publickey,keyboard-interactive debug1: next authentication method: publickey debug1: trying private key: /home/peter/.ssh/id_rsa_gogs enter passphrase key '/home/peter/.ssh/id_rsa_gogs':  debug1: authentication succeeded (publickey). authenticated 192.168.178.50 ([192.168.178.50]:10022). debug1: channel 0: new [client-session] debug1: requesting no-more-sessions@openssh.com debug1: entering interactive session. debug1: pledge: network debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0 debug1: remote: forced command. debug1: remote: port forwarding disabled. debug1: remote: x11 forwarding disabled. debug1: remote: agent forwarding disabled. debug1: remote: pty allocation disabled. debug1: sending environment. debug1: sending env lc_telephone = de_de.utf-8 debug1: sending env lang = en_us.utf-8 debug1: sending env lc_name = de_de.utf-8 debug1: sending env lc_measurement = de_de.utf-8 debug1: sending env lc_identification = de_de.utf-8 debug1: sending env lc_monetary = de_de.utf-8 debug1: sending env lc_paper = de_de.utf-8 debug1: sending env lc_address = de_de.utf-8 debug1: sending env lc_numeric = de_de.utf-8 hi there, you've authenticated, gogs not provide shell access. if unexpected, please log in password , setup gogs under user. debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0 debug1: channel 0: free: client-session, nchannels 1 transferred: sent 3268, received 3096 bytes, in 0.2 seconds bytes per second: sent 15416.0, received 14604.6 debug1: exit status 0 

it seems fail if run ssh -tv git@192.168.178.10 -p 10022 (no specifying keyfile directly):

openssh_7.2p2 ubuntu-4ubuntu2.2, openssl 1.0.2g  1 mar 2016 debug1: reading configuration data /home/peter/.ssh/config debug1: reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: applying options * debug1: connecting 192.168.178.50 [192.168.178.50] port 10022. debug1: connection established. debug1: key_load_public: no such file or directory debug1: identity file /home/peter/.ssh/id_rsa type -1 debug1: key_load_public: no such file or directory debug1: identity file /home/peter/.ssh/id_rsa-cert type -1 debug1: key_load_public: no such file or directory debug1: identity file /home/peter/.ssh/id_dsa type -1 debug1: key_load_public: no such file or directory debug1: identity file /home/peter/.ssh/id_dsa-cert type -1 debug1: key_load_public: no such file or directory debug1: identity file /home/peter/.ssh/id_ecdsa type -1 debug1: key_load_public: no such file or directory debug1: identity file /home/peter/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: no such file or directory debug1: identity file /home/peter/.ssh/id_ed25519 type -1 debug1: key_load_public: no such file or directory debug1: identity file /home/peter/.ssh/id_ed25519-cert type -1 debug1: enabling compatibility mode protocol 2.0 debug1: local version string ssh-2.0-openssh_7.2p2 ubuntu-4ubuntu2.2 debug1: remote protocol version 2.0, remote software version openssh_7.4 debug1: match: openssh_7.4 pat openssh* compat [removed] debug1: authenticating 192.168.178.50:10022 'git' debug1: ssh2_msg_kexinit sent debug1: ssh2_msg_kexinit received debug1: kex: algorithm: curve25519-sha256@libssh.org debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com mac: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com mac: <implicit> compression: none debug1: expecting ssh2_msg_kex_ecdh_reply debug1: server host key: ecdsa-sha2-nistp256 sha256:[removed] debug1: host '[192.168.178.50]:10022' known , matches ecdsa host key. debug1: found key in /home/peter/.ssh/known_hosts:[removed] debug1: rekey after [removed] blocks debug1: ssh2_msg_newkeys sent debug1: expecting ssh2_msg_newkeys debug1: rekey after [removed] blocks debug1: ssh2_msg_newkeys received debug1: ssh2_msg_ext_info received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521> debug1: ssh2_msg_service_accept received debug1: authentications can continue: publickey,keyboard-interactive debug1: next authentication method: publickey debug1: trying private key: /home/peter/.ssh/id_rsa debug1: trying private key: /home/peter/.ssh/id_dsa debug1: trying private key: /home/peter/.ssh/id_ecdsa debug1: trying private key: /home/peter/.ssh/id_ed25519 debug1: next authentication method: keyboard-interactive debug1: authentications can continue: publickey,keyboard-interactive debug1: no more authentication methods try. permission denied (publickey,keyboard-interactive). 

check if same issue seen when registering , using ssh key without passphrase.

the outcome same without passphrase.

i don't know if matters have inside ~/.ssh/config gogs

host 192.168.178.50:10022     hostname 192.168.178.50:10022     identityfile ~/.ssh/id_rsa_gogs     user peter 

host 192.168.178.50:10022     hostname 192.168.178.50:10022     identityfile ~/.ssh/id_rsa_gogs     user peter 

ssh doesn't accept port number part of either host or hostname options here. result, it's not recognizing entry should apply connection attempts, , it's not applying identity file or user.

if need match ip address, should work:

host 192.168.178.50     port 10022     identityfile ~/.ssh/id_rsa_gogs     user peter 

if need match on port, should work:

match host 192.168.178.50 exec "test %p = 10022"     identityfile ~/.ssh/id_rsa_gogs     user peter 

this runs test command test port value. "%p" replaced port value ssh use point (either default of 22 or value command line). test known [; it's command-line utility used in shell scripts part of if statement.