# ERROR: Command errored out with exit status 128: git clone --filter=blob:none 'git@github.com:user/private-repo.git' /tmp/pip-install-xxxx Check the logs for full command output. - **ID:** `pip/git-clone-permission-denied-private-repo` - **Domain:** pip - **Category:** auth_error - **Error Code:** `ERROR` - **Verification:** ai_generated - **Fix Rate:** 80% ## Root Cause pip attempts to clone a private Git repository via SSH but the user does not have the correct SSH keys configured, or the repository URL is incorrect. ## Version Compatibility | Version | Status | Introduced | Deprecated | |---------|--------|------------|------------| | pip 21.3 | active | — | — | | pip 23.0 | active | — | — | | pip 24.0 | active | — | — | ## Workarounds 1. **Ensure SSH key is added to ssh-agent: `eval "$(ssh-agent -s)" && ssh-add ~/.ssh/id_rsa` then test with `ssh -T git@github.com`** (85% success) ``` Ensure SSH key is added to ssh-agent: `eval "$(ssh-agent -s)" && ssh-add ~/.ssh/id_rsa` then test with `ssh -T git@github.com` ``` 2. **Use a personal access token with HTTPS: `pip install git+https://@github.com/user/private-repo.git`** (90% success) ``` Use a personal access token with HTTPS: `pip install git+https://@github.com/user/private-repo.git` ``` 3. **Clone the repo manually first, then install from local path: `git clone git@github.com:user/private-repo.git && pip install ./private-repo`** (80% success) ``` Clone the repo manually first, then install from local path: `git clone git@github.com:user/private-repo.git && pip install ./private-repo` ``` ## Dead Ends - **Re-run pip with --verbose to see more details, assuming it will fix the issue.** — Verbose output only shows more log lines; it does not resolve authentication issues. (95% fail) - **Delete the /tmp/pip-install-xxxx directory and retry.** — The error is due to SSH authentication, not a stale cache directory. (90% fail) - **Use `pip install git+https://github.com/user/private-repo.git` without checking SSH.** — HTTPS also requires authentication (password or token) unless the repo is public. (70% fail)