Given that:
- I have an Azure user account
- I’ve configured an SSH key on a given machine
- I’ve registered the public key from that machine with my user account
Observed behavior
I CANNOT connect via SSH using a public key to Azure DevOps from that machine. It offers only the “password” from one machine.
Expected behavior
I CAN connect via SSH using a public key to Azure DevOps from that machine.
Steps to Reproduce
- Assume a user exists on Azure
- Log on to a Windows machine
- Open PowerShell
- Run ssh-keygen
- Use the standard filenames
- Enter a keyphrase
- Register the public key with the Azure user
- Back in PowerShell, run “ssh -v email address removed for privacy reasons”
- It should show a long debug log, with “shell request failed on channel 0” at the end (because ssh.dev.azure.com lets you connect, but doesn’t support shell)
- Instead, it shows “email address removed for privacy reasons's password:” and requests a password
Analysis
I have two machines: Windows 10 and Windows Server 2022.
On the Windows 10 machine, when I test the connection in debug mode, I see that both password and publickey authentication methods are offered.
debug1: Authentications that can continue: password,publickey
debug3: start over, passed a different list password,publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
However, on the Windows Server 2022 machine, when I test the connection in debug mode, I see that only the password authentication method is offered.
debug1: Authentications that can continue: password
debug3: start over, passed a different list password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup password
debug3: remaining preferred: ,keyboard-interactive,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
My hypothesis is that there is some setting or missing software on the build server that is preventing it from offering publickey as an authentication method.
I am hoping that someone will be able to tell me what influences the list of supported authentication methods?