SSH身份验证失败，并显示“主机密钥验证失败".尽管提供了有效的密钥 [英] SSH auth fails with "Host key verification failed" despite providing valid keys

问题描述

在Azure DevOps管道中，我想SSH到具有依赖项的私有存储库.我收到以下错误消息:

In Azure DevOps Pipelines I want to SSH to a private repo with dependencies. I am getting following error:

主机密钥验证失败.致命的:无法从远程存储库读取.

Host key verification failed. fatal: Could not read from remote repository.

尽管将私钥上传到安全文件，但在项目变量中设置了公钥.

Despite uploading private key to secure files and public key is set in project variables.

见下文

steps:  
- task: InstallSSHKey@0
  inputs:
    hostName: $(hostname)
    sshPublicKey: $(testkey.pub)
    sshPassphrase: $(passphrase)
    sshKeySecureFile: testkey


- script: |
    git clone git@github.xxxxxx.com:xxxx/xxxxx.git
  displayName: 'clone repo' 

推荐答案

主机密钥验证失败

Host key verification failed

这与您尝试用于连接的SSH密钥无关.它指的是服务器的 SSH 公钥指纹.这是您首次连接到新计算机时看到的(应该检查).

This doesn't refer to the SSH key you're trying to use to connect. It refers to the server's SSH public key fingerprint. This is the thing you see (and should check) when you first connect to a new machine.

验证主机密钥指纹可防止中间人攻击，恶意第三方可能会坐在您和您的目标服务器之间，从而在观察或修改该通信时来回传递通信.Azure文档

Verifying the host key fingerprint protects against man-in-the-middle attacks, where a malicious third party could sit between you and your target server passing communication back and forth while observing or modifying said communication. The Azure documentation discusses this as well.

手动SSH一次到计算机，检查指纹是否符合您的预期，然后接受.除非指纹发生变化，否则后续的连接都应该起作用.

Manually SSH to the machine once, check that the fingerprint is what you expect it to be, and accept it. Subsequent connections should work unless the fingerprint changes.

这篇关于SSH身份验证失败，并显示“主机密钥验证失败".尽管提供了有效的密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！