7

I have this:

ssh -T [email protected] || {
  echo "Could not ssh to/with Github, check your auth";
  exit 1;
}

I get:

Hi ORESoftware! You've successfully authenticated, but GitHub does not provide shell access.
Could not ssh to/with Github, check your auth

Since the exit code is not zero, do I really need to parse the output to see if auth can be established?

Improve this question
4
  • How many SSH keys do you have, under ~/.ssh, that are known to github? Commented Sep 15, 2018 at 0:13
  • At least 2 such ssh keys I think Commented Sep 15, 2018 at 0:13
  • 3
    If you could run commands you'd get back the exit status of the commands you run. Instead, you get back the exit status of the command that Github runs, that prints the "successfully authenticated" message and then exits 1. However, if the password is wrong or auth fails, you do get exit status 255. So you can use $? to tell these apart! Commented Sep 15, 2018 at 2:18
  • So if 1, it's ok, if 255, bad news, got it, huh Commented Sep 15, 2018 at 7:05

3 Answers 3

Reset to default
8

There are only 2 return values that I expect when running ssh -T [email protected]:

  1. 1: user is authenticated, but cannot open a shell with GitHub
  2. 255: user is not authenticated

You will never get a return code of 0 for exactly the reason @VonC described. That means you can't use fun bash shorthands for checking return codes, like short-circuiting logic checks - you must be explicit in recording and checking $?.

Here's a shell script I use to check if I'm auth'd to GitHub:

function github-authenticated() {
  # Attempt to ssh to GitHub
  ssh -T [email protected] &>/dev/null
  RET=$?
  if [ $RET == 1 ]; then
    # user is authenticated, but fails to open a shell with GitHub 
    return 0
  elif [ $RET == 255 ]; then
    # user is not authenticated
    return 1
  else
    echo "unknown exit code in attempt to ssh into [email protected]"
  fi
  return 2
}

You can use it casually from the command line like so:

github-authenticated && echo good

or more formally in a script like:

if github-authenticated; then
    echo "good"
else
    echo "bad"
fi
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

4

"successfully authenticated" message and then exits 1 can be confusing.
But GitHub returns an exit status of 1 because it refuses to do what your ssh command was asking: opening an interactive shell. Hence '1'

As mentioned in the ssh man page

ssh exits with the exit status of the remote command or with 255 if an error occurred.

See "How to create a bash script to check the SSH connection?" for more option.

In your case:

if ssh -q [email protected]; [ $? -eq 255 ]; then
   echo "fail"
else
   # successfully authenticated
fi
Improve this answer

Comments

1

Instead of checking for value 255, I prefer checking for value 1. There could exist other implementations of ssh that use values other than 255.

set +e  # If initially using `set -e`
ssh -T [email protected]  # Expected exit status is 1.
exit_status=$?
set -e  # If initially using `set -e`
if [ ${exit_status} -ne 1 ] && [ ${exit_status} -ne 0 ]; then
  exit ${exit_status}
fi

I understand that value 0 isn't expected with GitHub, but I'm allowing for it anyway in case GitHub decides to change the returned value to something more practical (0) than pedantic (1).

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.