I have trouble getting the official Windows ADT 21.1.0 distribution to connect to a git repository. No matter what I tried(details below) it complains about host key not present in the registry and shows me no option to accept the host key. The remote server is running Gitlab and is under my control. There's no problem with connectivity or firewalls.
What I tried so far:
connecting without giving a password, with user git
connecting while giving a password, with another user
adding manually the host key in the known_hosts file that is found in the ssh home directory(Preferences->General->Network Connections->SSH2->SSH2 home).
The message is always:
The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
The server's rsa2 key fingerprint is:
ssh-rsa 2048 xx:xx:xx...
Connection abandoned.
RSE works without any problems, only egit gives me problems.
You could workaround the problem by not using the ssh protocol with the git server, but instead the git or http protocol.
One reason for the above message can be using a folder called "ssh" instead of ".ssh" (note the dot). Some colleague of mine experienced that, and this can easily happen when using Windows explorer, as it will silently remove the dot, when creating a folder called ".ssh". You have to use the command line instead.
Related
I've created GIT repo at my account of shared hosting via cPanel. Then I've installed Git to my local PC with Windows, right-clicked local repo folder and selected the command "Git Bash Here". Next I've run in CMD the command like
git clone ssh://user123#example.com/home/user123/public_html/repo
First I've received
The authenticity of host 'example.com (...)' can't be established.
ED25519 key fingerprint is SHA256:...
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])?
I've typed "yes" and received the error
Warning: Permanently added 'example.com' (ED25519) to the list of known hosts.
user123#example.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
Next I've copy-pasted the file id_rsa from the folder .ssh at my hosting to my local folder C:/Users/MyUserName/.ssh
Now if I run the command of cloning I receive
Enter passphrase for key '/c/Users/MyUserName/.ssh/id_rsa':
Why? What is the passphrase and where can I get it?
The pass-phrase is the password(s) you used when you created the ssh keys. You must use those password(s) to unlock access to the ssh keys.
Note that the warnings (about whether the host is known or not) are just that: warnings. The first time you connect to some other system, your ssh software checks the identity message that comes from that host. But there's nothing to check against, so you get the warnings. After that, the identity is saved, so the second, third, etc., times that you connect to the host, your ssh makes sure it identifies itself the same way. (This is a fancied-up variant of having the host tell you its password, which you then check to make sure you're still talking to the same guy.)
Of course, the host doesn't know whether the guy claiming to be you is really you, so the host demands that you provide your password. Your "password" in this case is your ssh key ... and your ssh key is protected with another password (or rather, "pass phrase": you can use multiple words). So you give your machine your "get me the password" pass-phrase, after which your machine gets the password to give to their host.
I keep most of my personal projects on BitBucket by Atlassian. As a natural choice, I use SourceTree app (their product) as git GUI client on Windows, and I'm happy with it. For projects where ssh git is available, I prefer ssh over https. SourceTree plays very well with projects hosted on BitBucket. Although it offers both of ssh agents: OpenSSH or PuTTY, its default selection is PuTTY/Plink (perhaps because PuTTY is more Windows-familiar).
Recently my establishment requested to host some projects on its own server. At first look it's a git server using GitLab opensource. I can use SourceTree with project hosted here using https just fine, however when it comes to ssh, the only choice of SSH agent is OpenSSH. The only key pair it would use (unless specified in config) is ~/.ssh/id_rsa.pub and ~/.ssh/id_rsa (located in %USERPROFILE%\.ssh\
I've tried to:
Load ~/.ssh/id_rsa into PuTTY Key Generator
Convert it to PuTTY format (.ppk) file
Load the .ppk into Pageant (PuTTY authentication agent).
Despite the key being loaded and kept in the memory by Pageant, the connection with the server failed all the time, e.g. git: fatal: Could not read from remote repository. The only way to make it work is to start ssh-agent and ssh-add (go with OpenSSH).
Since I have Pageant running usually in the background, I find it more convenient to use (e.g. the keyphrase to open the private key is long/complex, and I don't remember it, and it can be copy-pasted from KeePass, while in the case of OpenSSH, cmd console does not allow me to paste it, too bad).
Is there anyway to make the ssh authentication to GitLab done via PuTTY instead of OpenSSH?
Did you connect to the SSH server using PuTTY before using plink? If not a reason could be that plink is refusing to connect to the server, because the ssh hostkey isn't verified yet. Another reason could be that the SSH server requires ciphers which are not supported by PuTTY. You can only find out if you connect with PuTTY with the same version as plink.
Use TortoiseGitPlink (from TortoiseGit) to circumvent this issue, as it will popup a messagebox asking whether to accept the hostkey or not.
I'm running on a Windows 7 machine with msysgit, git Bash, tortoisegit and posh-git all installed.
Our company has a git server that previously ran on https. Then, for a time it had both https and ssh. Now it has only ssh. Everything ran without issues on https.
I generated and installed all my keys without a problem. I can push/pull/whatever via tortoisegit with no problems. However, I can no longer use the command line in either git BASH or powershell + posh-git. I think part of the reason is because we do not use port 22, but a custom port for increased security.
Note that hostname and port number have been changed in the commands below to protect the innocent.
I get the errors below when trying to push/pull, but I'm showing commands just to test the ssh server to show that ssh is the issue (I believe). If I don't specify the port, it finds the server and attempts to connect - but since it defaults to port 22 I get an error as shown below:
C:\gitpath\design [master]> ssh ssh://git#dev.zzz.us
ssh: connect to host dev.zzz.us port 22: Bad file number
If I do specify the port, however, it then cannot find the hostname:
C:\gitpath\design [master]> ssh ssh://git#dev.zzz.us:9092/
ssh.exe": Could not resolve hostname dev.zzz.us:9092/: no address associated with name
I've looked at similar posts and they all pointed to needing the protocol included (ssh://) to prevent this error. As you can see, I'm getting this error even with the protocol in place. I've also tried with and without the ending '/' - same result. Is there something else with the syntax I'm missing?
Identifiers such as ssh://git#dev.zzz.us:9092/ can be used by git to specify
a non-standard port for SSH when configuring remote repositories. However, the
remote identifier must include the path (I prefer to use the absolute path) to
the remote repository, e.g.,
git remote add origin ssh://git#dev.zzz.us:9092/path/to/repo.git
However, to test such a connection using the ssh command, you use the -p
option to specify the TCP port number and then user#hostname:
ssh -p 9092 git#dev.zzz.us
Note: I usually use Git from a Unix system (not from Windows) and the ssh
command is provided by the Openssh package.
Edit: I just checked on a Windows box and see that MSysGit also uses Openssh
so the above commands work; I haven't checked with Powershell but there shouldn't
be any issues running the above commands through the Bash shell.
I've just successfully built SparkleShare for windows according to guide:
https://github.com/wimh/SparkleShare/wiki
and exported my ssh public key to a server.
The problem is that I can't connect from a client behind a http_proxy to a public server with ssh running on a custom port. I had also problem with cloning any git server. I need to switch git:// protocol to http:// one. Any suggestion? Does anyone have similar experience?
This is a log file:
15:25:13 [SSH] ssh-agent started, PID=4380 Identity added:
C:\Users\MYUSER\AppData\Roaming\sparkleshare\sparkleshare.MYEMAIL.key
(C:\Users\sg0922706\AppData\Roaming\sparkleshare\sparkleshare.MYEMAIL.key)
15:25:34 [Fetcher][C:\Users\MYUSER\Documents\SparkleShare.tmp\share]
Fetchin g folder: ssh://MYGITUSER#MYHOST/MYPATH 15:25:34 [Fetcher]
Disabled host key checking MYHOST 15:25:34 [Cmd] git clone --progress
"ssh://MYGITUSER#MYHOST/MYPATH" "C:\Us
ers\MYUSER\Documents\SparkleShare.tmp\share" 15:25:37 [Git] Exit code
128 15:25:37 [Fetcher] Failed 15:25:37 [Fetcher] Enabled host key
checking for MYHOST
To get SparkleShare to use your proxy you will need to modify the config of the msysgit that is installed as part of SparkleShare. Navigate to C:\Program Files (x86)\SparkleShare\msysgit\etc and edit the gitconfig file in notepad and add the following line under the [http] tag
proxy = http://user:pass#proxyurl:port
modifying the url as required to match your settings. You can then use the "On my own server" option to add the http url of your repository.
I have a work around on this particular problem. I guess that you already successfully connected to your server via a simple SSH client (i.e. PuTTY)? With PuTTY you can easily configure an ssh connection via any kind of proxy (such as HTTP, SOCKS, Telnet, ..)
What you can do now is to specify a local "tunnel" (an SSH port forwarding rule) like this: L22 127.0.01:22 (see attachment). If you are using a ssh command line add the following option: -L 22:127.0.01:22.
So now as soon as your terminal is open and running you'll be able to reach your git server via the server url: ssh://git#127.0.0.1.
If your local port 22 is busy you can define the tunnet on a other port. i.e. if the 44 is not occupied: L44 127.0.0.1:22. The url to use in SparkleShare become ssh://git#127.0.0.1:44.
But it's a work around. I'm looking for a better solution.
So on my friends local Windows machine we are trying to setup GIT.
Basically, we've been following this guide which has been great. The problem we are facing is as follows:
All works until we get to Using Gitosis
When we use the command
git clone
git#INSERT_IP_HERE:gitosis-admin.git
We keep getting
Initialized empty Git repository in
/home/Thomas/gitosis-admin/.git
Connection closed by IP_HERE fatal:
The remote end hung up unexpectedly
When we try simply
ssh git#IP_HERE
We get "Connection closed by IP_HERE"
If we login as
runas /user:git C:/cygwin/cygwin.bat
And run > ssh git#IP_HERE
We at least get asked for a password then
Last Login: Connection to IP_HERE
closed.
Would anyone be able to help ?
The error does indeed indicate that authentication is failing.
Firstly, open gitosis.conf on the server and check that you are a member of the group containing gitosis-admin repository. It should show something like.
[gitosis]
[group gitosis-admin]
writable = gitosis-admin
members = user1 user2
The member name must match with a public key in /keydir before access can be made.
Secondly, you do not say how you are connecting from the Windows machines. If you are using Git under Cygwin, make sure you are correctly loading the private key. If you are using MsysGit with Putty, be sure to load the private key before connecting as well.
There is a small gotcha if PuttyGen is used to generate key pairs, and that is the default format is different from OpenSSH which you are probably using. Copy and paste from the top window, or alternatively edit the multiline public key file to read like this.
ssh-rsa AAAABB...KEYBODY...ONLkQ== user1
Lastly, make sure port 22 is open in any firewalls if that is indeed the port you are using.
A more comprehensive description of how to set up a Git server with Gitosis on Windows, can be found at here
I recommend the use of MsysGit from windows, as it gives better integration into the Windows environment. TortoiseGit and GitExtensions both use MsysGit as the backend, and provide nice Gui's and explorer shell extensions. GitExtensions full installer will provide the windows user with everything they need.
Did you get past runnig the gitosis-init < /tmp/id_rsa.pub command?
That error indicates to me that the public key isn't set up properly. The command above initializes gitosis with the first key.