Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

UnknownHostKey Exception in Accessing GitHub Securely

I'm using jgit to access a repository in GitHub securely. I did the following to generate keys for secure communication between GitHub and my client code.

  1. Generated the key pair:

    ssh-keygen -t rsa
    
  2. Added the public key to GitHub account with Account Settings -> SSH keys -> add SSH key

  3. Added the private key generated in step 1 to the local host with:

    ssh-add id_rsa
    

After doing this, when I try to access GitHub and make a clone, I still get the following error:

org.eclipse.jgit.api.errors.TransportException: [email protected]:test/test_repo.git: UnknownHostKey: github.com. RSA key fingerprint is 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48
at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:137)
at org.eclipse.jgit.api.CloneCommand.fetch(CloneCommand.java:178)
at org.eclipse.jgit.api.CloneCommand.call(CloneCommand.java:125)

This is the code that I used:

    String localPath, remotePath;
    Repository localRepo;
    Git git;

    localPath = <path_to_local_repository>;
    remotePath = "[email protected]:test/test_repo.git";

    try {
        localRepo = new FileRepository(localPath + "/.git");
    } catch (IOException e) {
        e.printStackTrace();
    }
    git = new Git(localRepo);

    CloneCommand cloneCmd =  git.cloneRepository().
                setURI(remotePath).
                setDirectory(new File(localPath));
        try {
            cloneCmd.call();
        } catch (GitAPIException e) {
            log.error("git clone operation failed");
            e.printStackTrace();
        }

Kindly let me know the issue here and what should I do to rectify it.

Thanks.

like image 430
Izza Avatar asked Nov 15 '12 11:11

Izza


2 Answers

As this thread is first result to :

com.jcraft.jsch.JSchException: UnknownHostKey: gitservername. RSA key fingerprint"

and the only answer, if the problem persists, is to disable StrictHostKeyChecking, which is not acceptable for security purposes.

If the problem persists, you should have a look to this answer from another thread :

https://stackoverflow.com/a/44777270/13184312

What solved the persisting problem is :

ssh-keyscan -H -t rsa gitservername >> ~/.ssh/known_hosts
like image 157
Pelsce Avatar answered Nov 15 '22 21:11

Pelsce


It happens because you have no entry for github in ~/.ssh/known_hosts, and JSch used in jgit defaults to rejecting session in this case. Refer to this question for solutions: com.jcraft.jsch.JSchException: UnknownHostKey

To set the ssh session property, you need to create a session factory for jgit:

SshSessionFactory.setInstance(new JschConfigSessionFactory() {
  public void configure(Host hc, Session session) {
    session.setConfig("StrictHostKeyChecking", "no");
  }
})

or add StrictHostKeyChecking=no to ~/.ssh/config

like image 21
Denis Tulskiy Avatar answered Nov 15 '22 21:11

Denis Tulskiy