Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"Host key verification failed." when git cloning public GitHub repos #148

Closed
mcandre opened this issue Feb 13, 2017 · 4 comments
Closed

"Host key verification failed." when git cloning public GitHub repos #148

mcandre opened this issue Feb 13, 2017 · 4 comments

Comments

@mcandre
Copy link

mcandre commented Feb 13, 2017
edited
Loading

When I try to RUN git clone [email protected]:edenhill/librdkafka.git from the golang:1.7 base, Docker reports:

Cloning into 'librdkafka'...
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Could golang:1.7 have old or missing entries for GitHub's public key?
@tianon
Copy link
Member

tianon commented Feb 13, 2017

This would be because using the [email protected]:... syntax ends up using SSH to clone, and inside the container, your private key is not available. You'll want to use RUN git clone https://github.com/edenhill/librdkafka.git instead.

@aabes
Copy link

aabes commented Jun 24, 2017

The error in this case is about github.com host key, not private key.
see: http://debuggable.com/posts/disable-strict-host-checking-for-git-clone:49896ff3-0ac0-4263-9703-1eae4834cda3

@meldsza meldsza mentioned this issue Oct 6, 2017
Open
13 tasks
@asim42
Copy link

asim42 commented Jan 3, 2018

@aabes This Solved my problem, thanks!

@yosifkit
Copy link
Member

yosifkit commented Jan 3, 2018

@asim42, I would highly recommend against StrictHostKeyChecking no since it is insecure. The solutions is to either:

  • clone via https if it a public project: git clone https://github.com/docker-library/golang
  • echo the github host key into known_hosts: ssh-keyscan github.com >> ~/.ssh/known_hosts
    • you can then compare that to the fingerprints from github: ssh-keyscan -t rsa github.com | ssh-keygen -lf -
    • serverfault.com link

@yosifkit yosifkit closed this as completed Jan 3, 2018
@davidkarlsen davidkarlsen mentioned this issue Jan 21, 2019
Open
ucbjrl added a commit to ucb-bar/chisel-release that referenced this issue Jan 3, 2020
@ucbjrl
Replace dsptools URL git with https;minor update to checkout.yml
c413b32 
Using [email protected]:ucb-bar/dsptools.git fails with GitHub Workflows with a:
```
Cloning into '/home/runner/work/chisel-release/chisel-release/dsptools'...
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:ucb-bar/dsptools.git' into submodule path '/home/runner/work/chisel-release/chisel-release/dsptools' failed
Failed to clone 'dsptools'. Retry scheduled
```

According to docker-library/golang#148, this is due to the fact that neither the private key, nor the github host key are available inside the container. Switch the URL to `https:`.
@dfhawthorne dfhawthorne mentioned this issue Jan 10, 2020
Closed
@dword-design dword-design mentioned this issue Nov 28, 2021
Closed
@SDX-LV SDX-LV mentioned this issue Dec 2, 2021
Closed
@mahmoudrabie mahmoudrabie mentioned this issue Dec 21, 2021
Closed
@Lraxer Lraxer mentioned this issue Jan 19, 2022
Closed
@timiwahalahti timiwahalahti mentioned this issue Jul 28, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@mcandre @tianon @aabes @yosifkit @asim42