Open fowles opened 1 year ago
While this is true and we need a better human error, the ssh -F /dev/null
hint was added because of this - did it not help you trace it down to the github thing right away?
ssh git@github.com
would fail with a giant MITM error, prompting you to do ssh-key -R github.com
and then ssh git@github.com
again to get the new fingerprint.
truthfully I did not try ssh git@github.com
because I just assumed there is no possible way that github left the default port for ssh open in that way. I am used to thinking of ssh
solely in terms of machines I have remote terminal access to and I don't have remote terminal access to github. I suspect that if the suggestion had said to try ssh -F /dev/null git@github.com
I would have tried that.
The end result is that I actually spent about 45 minutes trying various stupid things before figuring out the workaround I did.
default port for ssh open in that way
Well what port would the git clone over ssh use then? :)
I suspect that if the suggestion had said to try ssh -F /dev/null git@github.com I would have tried that.
That should be an easy partial fix for the hint then, thanks, makes total sense that people don't think about ssh-ing to github.com like that.
Ideally ofc the hint would be specifically for when host identification changes like it happened with github, libssh2 errors dont give too much information though it seems
Well what port would the git clone ~over ssh~ use then? :)
Honestly, I had never thought about it. It is funny the abstractions we just accept :)
I suspect we should add a certificate_check
callback and check known_hosts
there but that's just a guess.
Relatedly, when I attempted jj git clone git@github.com:...
, I got the following error both before and after removing github.com from my known hosts:
Error: Fetch failed: invalid or unknown remote ssh hostkey; class=Ssh (23); code=Certificate (-17)
When I did a normal git clone
with the same argument, I got the normal new host flow:
The authenticity of host 'github.com (192.30.255.113)' can't be established.
ECDSA key fingerprint is SHA256:p2QAMXNIC1TJYWeIOttrVc98/R1BUFWu3/LiyKgUfQM.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'github.com,192.30.255.113' (ECDSA) to the list of known hosts.
In this case, there was no error message to help me figure out (or remediate) the problem.
If you install jj from head, you should at least get a hint there: https://github.com/martinvonz/jj/blob/0c36b1ad4e13f270b015868d1dd66cd42f11490e/src/commands/git.rs#L165-L181
I'm guessing jj git clone
works now after the successful git clone
?
I installed jj from head (using the cargo
command above), and a hint does show then. Cloning does not work afterwards (just hangs; verbose logs just shows a lot of lines like INFO fetch{remote_name="origin" branch_name_globs=None git_settings=GitSettings { auto_local_branch: true }}: jujutsu_lib::git: using ssh_key_from_agent username="git"
, eventually failing with Error: remote rejected authentication: Failed getting response; class=Ssh (23); code=Auth (-16)
) but that's a separate issue.
(I turned on VPN (quantumult x).Yes, I have to turn it on.)
I encountered a similar situation https is ok, but ssh failed:
11:37 ❯ jj git clone https://github.com/zzhaolei/jj-demo.git
Fetching into new repo in "/Users/zhaolei/Study/jj-demo"
branch: main@origin [new] untracked
Setting the revset alias "trunk()" to "main@origin"
Working copy now at: srltlnwl d6627064 (empty) (no description set)
Parent commit : luoyttxn 58cd234f main | add gitignore
Added 2 files, modified 0 files, removed 0 files
11:37 ❯ rm -rf jj-demo/
11:37 ❯ jj git clone git@github.com:zzhaolei/jj-demo.git
Fetching into new repo in "/Users/zhaolei/Study/jj-demo"
Error: failed to start SSH session: Failed getting banner; class=Ssh (23)
Hint: Jujutsu uses libssh2, which doesn't respect ~/.ssh/config. Does `ssh -F /dev/null` to the host work?
11:39 ❯ ssh -F /dev/null git@github.com
Connection closed by 198.18.1.134 port 22
git erverything is ok:
11:40 ❯ git clone https://github.com/zzhaolei/jj-demo.git
...
11:40 ❯ rm -rf jj-demo/
11:40 ❯ git clone git@github.com:zzhaolei/jj-demo.git
...
11:42 ❯ ssh -T git@github.com
Hi zzhaolei! You've successfully authenticated, but GitHub does not provide shell access.
~/.ssh/config
and ~.gitconfig
has no configuration for github.com
I recently tried to use
jj
to push to github. The error I got was very perplexing to me. In particular I saw this.I eventually traced this down to the recent github host changing
so this fixed it, but an error message that told me something more (or better yet gave me the prompt that git does) would be awesome.