连接到 GIT 存储库给出错误对等证书无效
connect to GIT repository gives error peer certificate invalid
我的公司已迁移到新的 GITHUB 存储库。在我的 Linux 开发服务器上,我正在尝试连接到新的 git 存储库以克隆它。我有一个部署工具,可以从 GIT 存储库获取软件并自动部署它。
但是,我与新存储库的新连接不起作用
$ git clone https://githubxxxxx.com/xxxxxxx/myrepo.git
Cloning into 'myrepo'...
fatal: unable to access 'https://githubxxxxx.com/xxxxxxx/myrepo.git/': Peer's certificate issuer has been marked as not trusted by the user.
我想我已经做了我想做的一切:
- 我为 SSH 创建了一个新密钥
- 我将密钥存储在 GIT 存储库中
我对我的笔记本电脑进行了相同的操作,并且成功了。
如果我更改 sslVerify
的全局 属性
git config --global http.sslVerify false
然后我就可以连接和克隆了,但是每次我都必须输入用户名和密码,这是没有意义的。
有谁知道我是否遗漏了这里的任何步骤?我还需要设置任何其他全局变量吗?
如果我对存储库执行 ssh -v,我发现我可以进行身份验证。
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ftpfdm/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug1: Authentication succeeded (publickey).
Authenticated to githubxxxxx.com (via proxy).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: proc
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
PTY allocation request failed on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi x329097! You've successfully authenticated, but GitHub does not provide shell access.
debug1: channel 0: free: client-session, nchannels 1
Connection to githubxxxxx.com closed.
更新
如果我通过 ssh 尝试,我会被远程主机关闭连接
$ git clone ssh://githubxxxxx.com:mygroup/myrepo.git
Cloning into 'myrepo'...
ssh_exchange_identification: Connection closed by remote host
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
新更新
这反而有效。有谁知道为什么它以这种方式工作而不是 ssh://,而实际上是通过 ssh 进行克隆。我正要 post 解决方案作为答案,但我认为这是不对的,因为我不知道为什么这种方式有效。
git clone git@githubxxxxx.com:group/myrepo.git
Peer's certificate issuer has been marked as not trusted by the user.
这纯粹是一个 HTTPS 问题,与 SSH 无关。
您需要做的:
get the certificate of your remote GitHub server
将其另存为文件/home/<me>/ghe.pem(将<me>替换为您的用户登录名)
引用它:
git config --global http."https://githubxxxxx.com/".sslcainfo ${HOME}/ghe.pem
如果您使用的是 SSH URL,则始终需要使用远程用户“git”,这就是 git@githubxxxxx.com:group/myrepo.git 有效的原因。
我的公司已迁移到新的 GITHUB 存储库。在我的 Linux 开发服务器上,我正在尝试连接到新的 git 存储库以克隆它。我有一个部署工具,可以从 GIT 存储库获取软件并自动部署它。
但是,我与新存储库的新连接不起作用
$ git clone https://githubxxxxx.com/xxxxxxx/myrepo.git
Cloning into 'myrepo'...
fatal: unable to access 'https://githubxxxxx.com/xxxxxxx/myrepo.git/': Peer's certificate issuer has been marked as not trusted by the user.
我想我已经做了我想做的一切:
- 我为 SSH 创建了一个新密钥
- 我将密钥存储在 GIT 存储库中
我对我的笔记本电脑进行了相同的操作,并且成功了。
如果我更改 sslVerify
的全局 属性git config --global http.sslVerify false
然后我就可以连接和克隆了,但是每次我都必须输入用户名和密码,这是没有意义的。
有谁知道我是否遗漏了这里的任何步骤?我还需要设置任何其他全局变量吗?
如果我对存储库执行 ssh -v,我发现我可以进行身份验证。
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ftpfdm/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug1: Authentication succeeded (publickey).
Authenticated to githubxxxxx.com (via proxy).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: proc
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
PTY allocation request failed on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi x329097! You've successfully authenticated, but GitHub does not provide shell access.
debug1: channel 0: free: client-session, nchannels 1
Connection to githubxxxxx.com closed.
更新
如果我通过 ssh 尝试,我会被远程主机关闭连接
$ git clone ssh://githubxxxxx.com:mygroup/myrepo.git
Cloning into 'myrepo'...
ssh_exchange_identification: Connection closed by remote host
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
新更新
这反而有效。有谁知道为什么它以这种方式工作而不是 ssh://,而实际上是通过 ssh 进行克隆。我正要 post 解决方案作为答案,但我认为这是不对的,因为我不知道为什么这种方式有效。
git clone git@githubxxxxx.com:group/myrepo.git
Peer's certificate issuer has been marked as not trusted by the user.
这纯粹是一个 HTTPS 问题,与 SSH 无关。
您需要做的:
get the certificate of your remote GitHub server
将其另存为文件
/home/<me>/ghe.pem(将<me>替换为您的用户登录名)引用它:
git config --global http."https://githubxxxxx.com/".sslcainfo ${HOME}/ghe.pem
如果您使用的是 SSH URL,则始终需要使用远程用户“git”,这就是 git@githubxxxxx.com:group/myrepo.git 有效的原因。