Git error: “Host Key Verification Failed” when connecting to remote repository

You are connecting via the SSH protocol, as indicated by the ssh:// prefix on your clone URL. Using SSH, every host has a key. Clients remember the host key associated with a particular address and refuse to connect if a host key appears to change. This prevents man in the middle attacks.

The host key for domain.com has changed. If this does not seem fishy to you, remove the old key from your local cache by editing ${HOME}/.ssh/known_hosts to remove the line for domain.com or letting an SSH utility do it for you with

ssh-keygen -R domain.com

From here, record the updated key either by doing it yourself with

ssh-keyscan -t rsa domain.com >> ~/.ssh/known_hosts

or, equivalently, let ssh do it for you next time you connect with git fetch, git pull, or git push (or even a plain ol’ ssh domain.com) by answering yes when prompted

The authenticity of host 'domain.com (a.b.c.d)' can't be established.
RSA key fingerprint is XX:XX:...:XX.
Are you sure you want to continue connecting (yes/no)?

The reason for this prompt is domain.com is no longer in your known_hosts after deleting it and presumably not in the system’s /etc/ssh/ssh_known_hosts, so ssh has no way to know whether the host on the other end of the connection is really domain.com. (If the wrong key is in /etc, someone with administrative privileges will have to update the system-wide file.)

I strongly encourage you to consider having users authenticate with keys as well. That way, ssh-agent can store key material for convenience (rather than everyone having to enter her password for each connection to the server), and passwords do not go over the network.

As I answered previously in Cloning git repo causes error - Host key verification failed. fatal: The remote end hung up unexpectedly, add the GitHub to the list of authorized hosts:

ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts

I had the similar issue, but, using SSH keys. From Tupy's answer, above, I figured out that the issue is with known_hosts file not being present or github.com not being present in the list of known hosts. Here are the steps I followed to resolve it -

1. mkdir -p ~/.ssh
2. ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
3. ssh-keygen -t rsa -C "user.email"
4. open the public key with this command $ cat ~/.ssh/id_rsa.pub and copy it.
5. Add the id_rsa.pub key to SSH keys list on your GitHub profile.

This is happening because github is not currently in your known hosts.

You should be prompted to add github to your known hosts. If this hasn't happened, you can run ssh -T [email protected] to receive the prompt again.

For me, I just had to type "yes" at the prompt which asks "Are you sure you want to continue connecting (yes/no)?" rather than just pressing Enter.

If you are in office intranet (otherwise dangerous) which is always protected by firewalls simply have the following lines in your ~/.ssh/config.

Host *
  StrictHostKeyChecking no
  UserKnownHostsFile=/dev/null

I got the same problem on a newly installed system, but this was a udev problem. There was no /dev/tty node, so I had to do:

mknod -m 666 /dev/tty c 5 0

What worked for me was to first add my SSH key of the new computer, I followed these instructions from GitLab - add SSH key. Note that since I'm on Win10, I had to do all these commands in Git Bash on Windows (it didn't work in regular DOS cmd Shell).

Then again in Git Bash, I had to do a git clone of the repo that I had problems with, and in my case I had to clone it to a different name since I already had it locally and didn't want to lose my commits. For example

git clone ssh://git@gitServerUrl/myRepo.git myRepo2

Then I got the prompt to add it to known hosts list, the question might be this one:

Are you sure you want to continue connecting (yes/no)?

I typed "yes" and it finally worked, you should typically get a message similar to this:

Warning: Permanently added '[your repo link]' (ECDSA) to the list of known hosts.

Note: if you are on Windows, make sure that you use Git Bash for all the commands, this did not work in regular cmd shell or powershell, I really had to do this in Git Bash.

Lastly I deleted the second clone repo (myRepo2 in the example) and went back to my first repo and I could finally do all the Git stuff like normal in my favorite editor VSCode.

When asked:

Are you sure you want to continue connecting (yes/no)?

Type yes as the response

That is how I solved my issue. But if you try to just hit the enter button, it won't work!

If you are using git for Windows.

• Open the git GUI.
• Open the local git repository in git GUI.
• Add the remote or push if the remote already exists.
• Answer "yes" to the question about whether you want to continue.

The GUI client adds the key for you to ~/.ssh/known_hosts. This is easier to remember if you don't do it often and also avoids the need to use the git command line (the standard Windows command lines don't have the ssh-keyscan executable.

When the remote server wants to connect to the private repo, it would authenticate via ssh. Create the private-public key pair with ssh-keygen or if you already have the public-private key. copy&paste the public key in the Settings of the private repo.

YourPrivateRepo -> Settings -> Deploy Keys -> Add deploy key -> Paste the public key.

Now the remote server would be able to connect to the private repo.

NOTE: The deploy keys has access only for reading the repo. Need to explicitly allow write access.

Its means your remote host key was changed (May be host password change),

Your terminal suggested to execute this command as root user

$ ssh-keygen -f "/root/.ssh/known_hosts" -R [www.website.net]

You have to remove that host name from hosts list on your pc/server. Copy that suggested command and execute as a root user.

$ sudo su                                                        // Login as a root user

$ ssh-keygen -f "/root/.ssh/known_hosts" -R [www.website.net]    // Terminal suggested command execute here
Host [www.website.net]:4231 found: line 16 type ECDSA
/root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old

$ exit                                                           // Exist from root user

Try Again, Hope this works.

I was facing the same error inside DockerFile during build time while the image was public. I did little modification in Dockerfile.

 RUN git clone  https://github.com/kacole2/express-node-mongo-skeleton.git /www/nodejs

This would be because using the [email protected]:... syntax ends up > using SSH to clone, and inside the container, your private key is not > available. You'll want to use RUN git clone > https://github.com/edenhill/librdkafka.git instead.

The solutions mentioned here are great, the only missing point is, what if your public and private key file names are different than the default ones?

Create a file called "config" under ~/.ssh and add the following contents

Host github.com
    IdentityFile ~/.ssh/github_id_rsa

Replace github_id_rsa with your private key file.

You can use your "git url" in 'https" URL format in the Jenkinsfile or wherever you want.

git url: 'https://github.com/jglick/simple-maven-project-with-tests.git'

You kan use https instead of ssh for git clone or git pull or git push

ex:

git clone https://github.com/user/repo.git

Reason seems to be that the public key of the remote host is not stored or different from the stored one. (Be aware of security issues, see Greg Bacon's answer for details.)

I was used to git clone prompting me in this case:

The authenticity of host 'host.net (10.0.0.42)' can't be established.
ECDSA key fingerprint is 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00.
Are you sure you want to continue connecting (yes/no)?

Not sure, why this error is thrown instead. Could be the configuration of your shell or the git SSH command.
Anyhow, you can get the same prompt by running ssh [email protected].

A other alternative worked for me, instead of cloning the SSH link

[email protected]:upendra/mycode.git

there is a option to select http link

http://gitlab.company.net:8888/upendra/mycode.git

So I used http link to clone for Visual studio and it worked for me

One small addition to Tupy's answer, you may need to add the port number for your repository host:

ssh-keyscan -p 8888 -t rsa domain.com >> ~/.ssh/known_hosts

If you have another machine that does have remote access you can find the port number by viewing ~/.ssh/known_hosts:

[user]$ less ~/.ssh/known_hosts
[domain.com]:8888,[000.00.000.000]:8888 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCi...

If you are not using a Windows Session to update the code, and you use PortableGit, you need to set the HOMEPATH environment variable before running the git command.

This example fits better for other use case, but I think it is a good of proof-of-concept for this post.

$env:HOMEPATH="\Users\Administrator";C:\path\to\PortableGit\bin\git.exe -C C:\path\to\repository.git pull'

Pushing to Git returning Error Code 403 fatal: HTTP request failed

Check if there is Billing issue. Google Cloud stops uploading files to https://source.cloud.google.com/

I got this problem went away after Payment issue was fixed. But did not change the Keys.

Thanks

I had the similar issue, unfortunately I used the GitExtensions HMI and forgot that I wrote a passphrase. With HMI.... forget it ! Do not enter passphrase when you generate your key !

I got this message when I tried to git clone a repo that was not mine. The fix was to fork and then clone.