fedora33 git publickey 认证失败

作者: wxfeng 分类: linux 发布时间: 2020-12-11 11:05

问题描述:升级fedora 33后,使用git clone,git pull,git push等需要与远程publickey进行权限校验时,提示Permission Denied (publickey)

错误原因以及解决方案:

Fedora 33移除了sha1 加密算法,但是在发布说明中没有提及。所以导致默认生成的publickey类型与远程服务器端不一致,解决办法:

添加配置文件:~/.ssh/config,声明同远程仓库进行校验时使用的密钥类型,内容如下:

Host code.aliyun.com
User git
PubkeyAcceptedKeyTypes ssh-rsa

根据个人情况进行修改,参考资料如下:

The Fedora 33 removes SHA1, which will certainly be in the release notes [1]. But it did not mention ssh at all yet, but we are going to fix it.
There is a simple workaround by using ECDSA authentication and host keys (which use SHA2 ever since) or creating a following configuration snippet to connect to legacy hosts:
  # legacy host not supporting RSA with SHA2
  Host server.name.here:
    PubkeyAcceptedKeyTypes ssh-rsa
I will keep the bug open until we will make sure the release notes are  fixed.
[1] https://fedoraproject.org/wiki/Releases/33/ChangeSet#Strong_crypto_settings:_phase_2

发表评论

电子邮件地址不会被公开。 必填项已用*标注