git – 服务器主机密钥没有被caching
我尝试将更改从本地回购推送到远程回购。 当我input:
git push origin
我得到以下错误:
The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is. The server's rsa2 key fingerprint is: ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx Connection abandoned. fatal: The remote end hung up unexpectedly
我该如何解决这个问题? 我在Windows 7的命令行中使用git。
编辑
当我尝试做一个简单的SSH
ssh user@hostname
我得到以下错误:
Could not create directory '/c//%HOMEDRIVE%%HOMEPATH%/.ssh'. percent_expand: unknown key %H
不知怎的,它不会创build目录,因为path是无效的。 如何解决这个问题?
@eckes: Edit2
我的家被设置为%HOMEDRIVE%%HOMEPATH%
这是正确的吗?
该消息意味着源的主机密钥不存在于您的可信主机文件中。
为了解决这个问题,打开一个纯SSH连接origin
,SSH会问你是否要信任远程主机(从Git控制台):
$ ssh 127.0.0.1 The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established. RSA key fingerprint is <FINGERPRINT>. Are you sure you want to continue connecting (yes/no)?
如果您信任远程主机(即键入yes
),则SSH会将其input到已知主机列表中。
之后,你应该能够做你的git push origin
。
或者,您也可以手动将origin
密钥添加到.ssh/known_hosts
但是这要求您遵守sshd
手册页(Section AUTHORIZED_KEYS FILE FORMAT )中描述的known_hosts
文件的格式 。
对于那些使用PuTTY通过标准命令提示符在Windows上设置MSYS Git的用户,将主机添加到PuTTYcaching的方法是运行
> plink.exe <host>
例如:
> plink.exe codebasehq.com The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is. The server's rsa2 key fingerprint is: ssh-rsa 2048 2e:db:b6:22:f7:bd:48:f6:da:72:bf:59:d7:75:d7:4e If you trust this host, enter "y" to add the key to PuTTY's cache and carry on connecting. If you want to carry on connecting just once, without adding the key to the cache, enter "n". If you do not trust this host, press Return to abandon the connection. Store key in cache? (y/n)
只需回答y
,然后按住Ctrl + C。
尽pipe检查指纹。 这个警告是有原因的。 一些git服务的指纹(请编辑添加更多):
- Github:
16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48
- Bitbucket:
97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40
- Gitorious:
7e:af:8d:ec:f0:39:5e:ba:52:16:ce:19:fa:d4:b8:7d
尝试从Git Bash提示符下执行“set | grep -i ssh”
如果你的设置和我一样,你可能有这些设置:
GIT_SSH='C:\Program Files (x86)\PuTTY\plink.exe' PLINK_PROTOCOL=ssh SVN_SSH='"C:\\Program Files (x86)\\PuTTY\\plink.exe"'
我做了一个
unset GIT_SSH unset PLINK_PROTOCOL unset GIT_SVN
和它的工作后,..我猜腻子保存在其他地方的钥匙在其他地方作为$ HOME / .ssh什么的…(我也有一个问题,$ HOME被设置为“C:\ Users \ usrnam“而不是”/ C / Users / usrnam /“
无论如何,你的里程可能会有所不同,但这对我来说是固定的。 🙂
(可能只是做了GIT_SSH就足够了,但我一直在做)
注意:如果unset不适用于你,请试试这个:
set GIT_SSH=
我怀疑你的GIT_SSH
环境variables设置为%ProgramFiles(x86)%\putty\plink.exe
。 出于某种原因,PLink不会使用用户目录中的.ssh/known_hosts
文件来存储远程主机密钥。
如果这实际上是你的情况,并且如果你想使用pageant,可能是如此,你需要首先使用PLink连接到主机。
"$GIT_SSH" user@hostname
你应该得到一个类似的消息
The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is. The server's rsa2 key fingerprint is: ssh-rsa 2048 86:7b:1b:12:85:35:8a:b7:98:b6:d2:97:5e:96:58:1d If you trust this host, enter "y" to add the key to PuTTY's cache and carry on connecting. If you want to carry on connecting just once, without adding the key to the cache, enter "n". If you do not trust this host, press Return to abandon the connection. Store key in cache? (y/n)
一旦你回答了问题,并成功连接到远程主机,你应该全部设置。 继续尝试再次尝试。
只是ssh到主机是不够的,至less在Windows上。 这将主机密钥添加到ssh/known_hosts
但错误仍然存在。
你需要closuresgit bash窗口并打开一个新窗口。 然后registrycaching被清除,然后推/拉工作。
有同样的问题,忘记连接到真正的存储库端口 ,而不是一般的SSH端口,然后主机密钥是不同的SSH!
Rene,你的HOME
variables设置不正确。 将其更改为c:\Users\(your-username)
或者仅更改为%USERNAME%
。
解决scheme与Plink
将这个python脚本保存到known_hosts.py
:
#! /usr/bin/env python # $Id$ # Convert OpenSSH known_hosts and known_hosts2 files to "new format" PuTTY # host keys. # usage: # kh2reg.py [ --win ] known_hosts1 2 3 4 ... > hosts.reg # Creates a Windows .REG file (double-click to install). # kh2reg.py --unix known_hosts1 2 3 4 ... > sshhostkeys # Creates data suitable for storing in ~/.putty/sshhostkeys (Unix). # Line endings are someone else's problem as is traditional. # Developed for Python 1.5.2. import fileinput import base64 import struct import string import re import sys import getopt def winmungestr(s): "Duplicate of PuTTY's mungestr() in winstore.c:1.10 for Registry keys" candot = 0 r = "" for c in s: if c in ' \*?%~' or ord(c)<ord(' ') or (c == '.' and not candot): r = r + ("%%%02X" % ord(c)) else: r = r + c candot = 1 return r def strtolong(s): "Convert arbitrary-length big-endian binary data to a Python long" bytes = struct.unpack(">%luB" % len(s), s) return reduce ((lambda a, b: (long(a) << 8) + long(b)), bytes) def longtohex(n): """Convert long int to lower-case hex. Ick, Python (at least in 1.5.2) doesn't appear to have a way to turn a long int into an unadorned hex string -- % gets upset if the number is too big, and raw hex() uses uppercase (sometimes), and adds unwanted "0x...L" around it.""" plain=string.lower(re.match(r"0x([0-9A-Fa-f]*)l?$", hex(n), re.I).group(1)) return "0x" + plain output_type = 'windows' try: optlist, args = getopt.getopt(sys.argv[1:], '', [ 'win', 'unix' ]) if filter(lambda x: x[0] == '--unix', optlist): output_type = 'unix' except getopt.error, e: sys.stderr.write(str(e) + "\n") sys.exit(1) if output_type == 'windows': # Output REG file header. sys.stdout.write("""REGEDIT4 [HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys] """) # Now process all known_hosts input. for line in fileinput.input(args): try: # Remove leading/trailing whitespace (should zap CR and LF) line = string.strip (line) # Skip blanks and comments if line == '' or line[0] == '#': raise "Skipping input line" # Split line on spaces. fields = string.split (line, ' ') # Common fields hostpat = fields[0] magicnumbers = [] # placeholder keytype = "" # placeholder # Grotty heuristic to distinguish known_hosts from known_hosts2: # is second field entirely decimal digits? if re.match (r"\d*$", fields[1]): # Treat as SSH-1-type host key. # Format: hostpat bits10 exp10 mod10 comment... # (PuTTY doesn't store the number of bits.) magicnumbers = map (long, fields[2:4]) keytype = "rsa" else: # Treat as SSH-2-type host key. # Format: hostpat keytype keyblob64 comment... sshkeytype, blob = fields[1], base64.decodestring (fields[2]) # 'blob' consists of a number of # uint32 N (big-endian) # uint8[N] field_data subfields = [] while blob: sizefmt = ">L" (size,) = struct.unpack (sizefmt, blob[0:4]) size = int(size) # req'd for slicage (data,) = struct.unpack (">%lus" % size, blob[4:size+4]) subfields.append(data) blob = blob [struct.calcsize(sizefmt) + size : ] # The first field is keytype again, and the rest we can treat as # an opaque list of bignums (same numbers and order as stored # by PuTTY). (currently embedded keytype is ignored entirely) magicnumbers = map (strtolong, subfields[1:]) # Translate key type into something PuTTY can use. if sshkeytype == "ssh-rsa": keytype = "rsa2" elif sshkeytype == "ssh-dss": keytype = "dss" else: raise "Unknown SSH key type", sshkeytype # Now print out one line per host pattern, discarding wildcards. for host in string.split (hostpat, ','): if re.search (r"[*?!]", host): sys.stderr.write("Skipping wildcard host pattern '%s'\n" % host) continue elif re.match (r"\|", host): sys.stderr.write("Skipping hashed hostname '%s'\n" % host) continue else: m = re.match (r"\[([^]]*)\]:(\d*)$", host) if m: (host, port) = m.group(1,2) port = int(port) else: port = 22 # Slightly bizarre output key format: 'type@port:hostname' # XXX: does PuTTY do anything useful with literal IP[v4]s? key = keytype + ("@%d:%s" % (port, host)) value = string.join (map (longtohex, magicnumbers), ',') if output_type == 'unix': # Unix format. sys.stdout.write('%s %s\n' % (key, value)) else: # Windows format. # XXX: worry about double quotes? sys.stdout.write("\"%s\"=\"%s\"\n" % (winmungestr(key), value)) except "Unknown SSH key type", k: sys.stderr.write("Unknown SSH key type '%s', skipping\n" % k) except "Skipping input line": pass
testingWin7x64和Python 2.7 。
然后运行:
ssh-keyscan -t rsa bitbucket.org >>~/.ssh/known_hosts python --win known_hosts.py >known_hosts.reg start known_hosts.reg
并select导入到registry中。 keyscan将检索域的公钥(我有我的问题bitbucket),然后python脚本将其转换为Plink格式。
当我试图克隆我的Windows 7机器上的存储库时,我也遇到了同样的问题。 我尝试了这里提到的大部分答案。 他们都没有为我工作。
对我来说,运行的是Pageant (Putty身份validation代理)程序。 一旦Pageant在后台运行,我就可以克隆,从存储库中进行推送。 这对我有用,可能是因为我设置了我的公钥,以至于无论何时第一次使用密码并且Pageant启动。
只要打开腻子,并尝试build立连接到远程服务器,你想推你的代码。 当出现对话框时按是(你信任远程),那么一切都会好的。
我使用这种解决方法解决了类似的问题。
你只需切换到embedded式Git,按下,按下Yesbutton,然后切换回System Git。
你可以在这里find这个选项
Tools -> Options -> Git
工作环境:
- Windows 10
- 混帐
- 油灰
首先:根据Regedit删除putty known_hostsregistry。
然后:在Window的cmd中执行命令%GIT_SSH% user@hostname
解决了这个问题。
希望它可以帮助你。
从PuTTY改为OpenSSH为我解决这个问题,而不需要取消设置GIT_SSH等。
直接使用Bash添加主机并不能解决问题,在Git扩展中使用“全部获取”时仍会出现错误。 通过在一个分支上使用'Pull',所需的主机被Git Extensions自动添加,并带有Bashpopup窗口。 做完这些之后,我可以再次使用“全取”。 不确定Git扩展所做的不同。
我已经尝试了以上所有的方法,但他们都不能解决我的笔记本电脑上的相同的问题。 最后,我没有在git bash中将分支推送到原始地址,而是使用TortoiseGit的推送选项来执行推送,然后popup一个窗口,要求我将新的主机密钥添加到caching中,点击yesbutton后,现在好了
希望对大家有所帮助。