Question 37440 in Ubuntu Question posted in
The official Ubuntu documentation can be found here.

Git push failed with Host key verification failed – Ubuntu

I use following steps in Jenkinsfile to push tags to github

sshagent (credentials: ['jenkins']) {
sh """
    git config --add url."[email protected]:".insteadOf "https://github.com/"
    git config user.name 'Jenkins'
    git config user.email '$$$+###@users.noreply.github.com'
    git tag -a dimToOff_v"${PRETTY_BUILD_VERSION}"_"${BUILD_NUMBER}" ${COMMIT_ID} -m "${JENKINS_TAG_MESSAGE}"
    git push --tags
"""
}

This stopped working recently with following error for git push --tags

Host key verification failed.
fatal: Could not read from remote repository.

I followed the steps mentioned here, but it didn’t solve the issue.

Also tried to set GIT_SSH_COMMAND=ssh -Tvv, then I got following output.

 + export GIT_SSH_COMMAND=ssh -Tvv
 + true
 + true
 + git config --add [email protected]:.insteadOf https://github.com/
 + git config user.name Jenkins
 + git config user.email ***+###@users.noreply.github.com
 + git tag -a dimToOff_v0.0.0_18 0dcd640861c996bb23fffe7d09353085a150d5fb -m By Jenkins
 + cat /home/jenkins/.ssh/known_hosts
 |1|ALkYORymbpagfGBK9E5gJ8woD4Q=|TpduH1siXgLBGdrr+LIXqRymiT4= ssh-rsa ***
 |1|VfTJRk4WA1frUmmU6aHuphGFhWg=|sl7TtxUV8s9Dw8KC6zYxjYgESbc= ssh-rsa ***
 |1|Vbfb9vRoSIzMl+1LfrD7DVOTD9w=|AGxlbOuxn+83KCtiMvaKKslq8XY= ssh-rsa ***
 |1|ND2ZisnFqJ1Z6lK6WzutcO5ZNqw=|sq4nIsV6pBWZ4P27EJHgq1rVkUs= ssh-rsa ***
 |1|bIQPH+rXgCL9Y79j7mXWrVeurxU=|dapFBijhdY4Q1GAO38e28popmFw= ssh-rsa ***
 |1|2qiJH9WIN45TcVwVV3abSeaOu+Y=|wCc07ew86oGV8JZlZCfD/nxUC10= ssh-rsa ***
 |1|1YIO0QnRQqmAEUnZpkU7C7fKoXw=|aKQev539WQiIxOPCOUHLUBWMFEE= ssh-rsa ***
 |1|A4okl1ZD/XEPYK+28Y7QvFKpwt8=|Q7Gvj/MtVMeXKM9R9E9lTTgQ0RY= ssh-rsa ***
 |1|dEKvmuFW1eRhNd3xK90iJhyGw/Q=|/+bFyB5TPDNtynliKh4h2rHKVVI= ssh-rsa ***
 |1|8rZZylU3IElRZ4xZeyxYB6QFMb8=|x10+YhzXeMIXH33yLy8VV/1K4IA= ssh-rsa ***
 |1|QOBmqHVPJXsjrShtEbrEvPHCz28=|K9/Esrj6Ku1FQ1PesQBIJJY9lcA= ecdsa-sha2-nistp256 ***
 + ssh-keygen -R github.com
 # Host github.com found: line 11
 /home/jenkins/.ssh/known_hosts updated.
 Original contents retained as /home/jenkins/.ssh/known_hosts.old
 + ssh-keyscan github.com
 # github.com:22 SSH-2.0-babeld-f06bbde2
 # github.com:22 SSH-2.0-babeld-f06bbde2
 # github.com:22 SSH-2.0-babeld-f06bbde2
+ git push --tags
OpenSSH_7.6p1 Ubuntu-4ubuntu0.5, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /home/jenkins/.ssh/config
debug1: /home/jenkins/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "github.com" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to github.com [192.30.255.112] port 22.
debug1: Connection established.
debug1: identity file /home/jenkins/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/jenkins/.ssh/id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.5
debug1: Remote protocol version 2.0, remote software version babeld-f06bbde2
debug1: no match: babeld-f06bbde2
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to github.com:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
debug2: ciphers stoc: [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
debug2: MACs ctos: [email protected],[email protected],hmac-sha2-512,hmac-sha2-256
debug2: MACs stoc: [email protected],[email protected],hmac-sha2-512,hmac-sha2-256
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:p2QAMXNIC1TJYWeIOttrVc98/R1BUFWu3/LiyKgUfQM
debug1: Host 'github.com' is known and matches the ECDSA host key.
debug1: Found key in /home/jenkins/.ssh/known_hosts:12
debug1: read_passphrase: can't open /dev/tty: No such device or address
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Any help on how to fix this ?

Tags:

2

Answers


  1. 0

    Git commands will fail if the github server isn’t in your build node’s known hosts list.

    Try adding this step before running git commands:

       sh "ssh-keyscan github.com >> ~/.ssh/known_hosts"
    Login or Signup to reply.
  2. 0

    Try and inspect your ~/.ssh/known_hosts during your job, before the git push step.

    sh "cat ~/.ssh/known_hosts"

    If you see any GitHub-related line, you need to remove them with

    sh "ssh-keyscan -R github.com"

    before adding

    sh "ssh-keyscan github.com >> ~/.ssh/known_hosts"

    Try also, in your git sh step, to add

    export GIT_SSH_COMMAND='ssh -Tvv'

    That way, you will see exactly what file is considered when Git is trying to connect through SSH to github.com.

    debug1: read_passphrase: can't open /dev/tty: No such device or address
Host key verification failed.

    I would recommend using a non-encrypted private key (you can remove the passphrase of your existing key)

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search