Forum Discussion
Cannot use SSH with public-key to connect to Azure from an on-premise agent
Given that:
- I have an Azure user account
- I’ve configured an SSH key on a given machine
- I’ve registered the public key from that machine with my user account
Observed behavior
I CANNOT connect via SSH using a public key to Azure DevOps from that machine. It offers only the “password” from one machine.
Expected behavior
I CAN connect via SSH using a public key to Azure DevOps from that machine.
Steps to Reproduce
- Assume a user exists on Azure
- Log on to a Windows machine
- Open PowerShell
- Run ssh-keygen
- Use the standard filenames
- Enter a keyphrase
- Register the public key with the Azure user
- Back in PowerShell, run “ssh -v email address removed for privacy reasons”
- It should show a long debug log, with “shell request failed on channel 0” at the end (because ssh.dev.azure.com lets you connect, but doesn’t support shell)
- Instead, it shows “email address removed for privacy reasons's password:” and requests a password
Analysis
I have two machines: Windows 10 and Windows Server 2022.
My hypothesis is that there is some setting or missing software on the build server that is preventing it from offering publickey as an authentication method.
I am hoping that someone will be able to tell me what influences the list of supported authentication methods?
1 Reply
I have an update. The Windows Server 2022 machine is perfectly capable of connecting to an on-premise Azure Server with SSH and publickey authentication. So, it's not that the machine is completely incorrectly configured. It just can't communicate via SSH/publickey with ADOS.
To recap:
- Windows 10 => on-prem Azure/TFS
- Windows 10 => ADOS
- Windows Server 2022 => on-prem Azure/TFS
- Windows Server 2022 => ADOS
- Windows 10 => on-prem Azure/TFS
