英文:
ssh clone not working with github, what might be the issue?
问题
已生成SSH密钥对并将公钥添加到Bitbucket和GitHub帐户。可以成功从我们组织的Bitbucket克隆,但无法使用SSH从我们组织的GitHub仓库克隆。以下是结果:
git clone git@github.com:xxx/abc.git
Cloning into 'abc'...
ssh: connect to host github.com port 22: Connection timed out
fatal: Could not read from remote repository.
尝试以下命令,但连接时会卡住:
ssh -vT git@github.com
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to github.com [20.207.73.82] port 22.
debug1: connect to address 20.207.73.82 port 22: Connection timed out
ssh: connect to host github.com port 22: Connection timed out
但以下命令有效:
ssh -vT -p 443 git@ssh.github.com
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to ssh.github.com [20.207.73.83] port 443.
...
我不知道如何解决这个问题,已尝试生成另一个密钥对并添加,但仍然无法解决。我们还在使用组织的Open VPN,如果有关此问题的影响,请告知。
英文:
I have generated ssh key-pair for my account and added public key to my both bitbucket and github account. I am able to clone successfully from our org's bitbucket but unable to clone our org's github repo using SSH.
Following are the results
git clone git@github.com:xxx/abc.git
Cloning into 'abc'...
ssh: connect to host github.com port 22: Connection timed out
fatal: Could not read from remote repository.
Tried following command but it gets stuck at connecting
ssh -vT git@github.com
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to github.com [20.207.73.82] port 22.
debug1: connect to address 20.207.73.82 port 22: Connection timed out
ssh: connect to host github.com port 22: Connection timed out
But the following command works
ssh -vT -p 443 git@ssh.github.com
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to ssh.github.com [20.207.73.83] port 443.
debug1: Connection established.
debug1: identity file /home/myuser/.ssh/id_rsa type -1
debug1: identity file /home/myuser/.ssh/id_rsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_dsa type -1
debug1: identity file /home/myuser/.ssh/id_dsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/myuser/.ssh/id_ed25519 type 3
debug1: identity file /home/myuser/.ssh/id_ed25519-cert type -1
debug1: identity file /home/myuser/.ssh/id_ed25519_sk type -1
debug1: identity file /home/myuser/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/myuser/.ssh/id_xmss type -1
debug1: identity file /home/myuser/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
debug1: Remote protocol version 2.0, remote software version babeld-6046b64f
debug1: no match: babeld-6046b64f
debug1: Authenticating to ssh.github.com:443 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:p2QAMXNIC1TJYWeIOttrVc98/R1BUFWu3/LiyKgUfQM
debug1: checking without port identifier
The authenticity of host '[ssh.github.com]:443 ([20.207.73.83]:443)' can't be established.
ECDSA key fingerprint is SHA256:p2QAMXNIC1TJYWeIOttrVc98/R1BUFWu3/LiyKgUfQM.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[ssh.github.com]:443,[20.207.73.83]:443' (ECDSA) to the list of known hosts.
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/myuser/.ssh/id_ed25519 ED25519 SHA256:jQIcEmfKxygZTBMM2W22ia6pPFigVGBLUIqcFGSlxy4 agent
debug1: Will attempt key: /home/myuser/.ssh/id_rsa
debug1: Will attempt key: /home/myuser/.ssh/id_dsa
debug1: Will attempt key: /home/myuser/.ssh/id_ecdsa
debug1: Will attempt key: /home/myuser/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/myuser/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/myuser/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/myuser/.ssh/id_ed25519 ED25519 SHA256:jQIcEmfKxygZTB112W22ia6pPFigVGBLUIqcFGSlxy4 agent
debug1: Server accepts key: /home/myuser/.ssh/id_ed25519 ED25519 SHA256:jQIcEmfKxygZTB112W22ia6pPFigVGBLUIqcFGSlxy4 agent
debug1: Authentication succeeded (publickey).
Authenticated to ssh.github.com ([20.207.73.83]:443).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = en_IN
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi my-github-username! You've successfully authenticated, but GitHub does not provide shell access.
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2156, received 2552 bytes, in 0.4 seconds
Bytes per second: sent 5121.8, received 6062.6
debug1: Exit status 1
I dont know what to make of it or how to solve this issue, I have tried generating another key-pair and adding it but it still doesn't work. We are also using org's Open VPN, if that matters
答案1
得分: 1
以下是翻译好的部分:
"Something, either on your network or on an ISP between you and GitHub, is blocking your attempt to connect to github.com port 22. That verbose SSH output is the telltale sign: normally you'd establish a TCP connection first, and then get to the key exchange, but instead you get 'Connection timed out'. (Your keys are fine - otherwise you wouldn't have gotten your username back on that 'ssh -Tvp443 git@ssh.github.com' command.)"
中文翻译:"无论是您的网络还是位于您与GitHub之间的ISP都在阻止您连接到github.com的22端口。那些冗长的SSH输出是一个明显的迹象:通常您会首先建立TCP连接,然后进行密钥交换,但现在您却得到了'连接超时'的错误。 (您的密钥没有问题 - 否则您不会在'ssh -Tvp443 git@ssh.github.com'命令中收到您的用户名。)"
https://docs.github.com/en/authentication/troubleshooting-ssh/using-ssh-over-the-https-port 中详细介绍了一个相当巧妙的解决方法:使用'~/.ssh/config' 来定义具有SSH特定主机名和端口的'github.com',这样通常的'git@github.com'每次都能正常工作(尽管实际上您对主机和端口进行了一些小伎俩)。
中文翻译:"或者,您可以使用特殊语法克隆每个存储库,如'ssh://git@ssh.github.com:443/xxx/abc.git',并让远程服务器处理详细信息。"
英文:
Something, either on your network or on an ISP between you and GitHub, is blocking your attempt to connect to github.com port 22. That verbose SSH output is the telltale sign: normally you'd establish a TCP connection first, and then get to the key exchange, but instead you get "Connection timed out". (Your keys are fine - otherwise you wouldn't have gotten your username back on that ssh -Tvp443 git@ssh.github.com command.)
https://docs.github.com/en/authentication/troubleshooting-ssh/using-ssh-over-the-https-port details a pretty slick workaround: using ~/.ssh/config to define github.com with the SSH-specific hostname and port, so that the usual git@github.com works every time (even though you're actually being sneaky about host and port).
Alternately, you clone each repository with a special syntax, ssh://git@ssh.github.com:443/xxx/abc.git, and let the remote take care of the details.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论