jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-22 11:26:57 -05:00
Code Issues Projects Releases Wiki Activity

ran script/content-migrations/remove-map-topics.js && script/content-migrations/update-tocs.js

Browse Source
This commit is contained in:
Sarah Schneider
2021-05-19 10:12:38 -04:00
parent 253c356fb0
commit f7e848e0c4
14528 changed files with 410545 additions and 411354 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
content/github/authenticating-to-github/troubleshooting-ssh/deleted-or-missing-ssh-keys.md Normal file
View File

@@ -0,0 +1,16 @@
---
title: Deleted or missing SSH keys
intro: 'As a security precaution, {% data variables.product.prodname_dotcom %} automatically deletes SSH keys that haven''t been used in a year.'
redirect_from:
- /articles/deleted-or-missing-ssh-keys
- /github/authenticating-to-github/deleted-or-missing-ssh-keys
versions:
free-pro-team: '*'
topics:
- SSH
---
{% data variables.product.prodname_dotcom %} automatically deletes inactive SSH keys to help keep accounts safe, such as after someone leaves a job or loses a computer.
You can check if you haven't used an SSH key in a year by reviewing your account's security log. For more information, see "[Reviewing your security log](/articles/reviewing-your-security-log/)."
After your inactive SSH key is deleted, you must generate a new SSH key and associate it with your account. For more information, see "[Generating a new SSH key and adding it to the ssh-agent](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/)" and "[Adding a new SSH key to your GitHub account](/articles/adding-a-new-ssh-key-to-your-github-account/)."

49
content/github/authenticating-to-github/troubleshooting-ssh/error-agent-admitted-failure-to-sign.md Normal file
View File

@@ -0,0 +1,49 @@
---
title: 'Error: Agent admitted failure to sign'
intro: 'In rare circumstances, connecting to {% data variables.product.product_name %} via SSH on Linux produces the error `"Agent admitted failure to sign using the key"`. Follow these steps to resolve the problem.'
redirect_from:
- /articles/error-agent-admitted-failure-to-sign-using-the-key/
- /articles/error-agent-admitted-failure-to-sign
- /github/authenticating-to-github/error-agent-admitted-failure-to-sign
versions:
free-pro-team: '*'
enterprise-server: '*'
github-ae: '*'
topics:
- SSH
---
When trying to SSH into {% data variables.product.product_location %} on a Linux computer, you may see the following message in your terminal:
```shell
$ ssh -vT git@{% data variables.command_line.codeblock %}
> ...
> Agent admitted failure to sign using the key.
> debug1: No more authentication methods to try.
> Permission denied (publickey).
```
For more details, see <a href="https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/201786" data-proofer-ignore>this issue report</a>.
### Resolution
You should be able to fix this error by loading your keys into your SSH agent with `ssh-add`:
```shell
# start the ssh-agent in the background
$ eval "$(ssh-agent -s)"
> Agent pid 59566
$ ssh-add
> Enter passphrase for /home/<em>you</em>/.ssh/id_rsa: <em>[tippy tap]</em>
> Identity added: /home/<em>you</em>/.ssh/id_rsa (/home/<em>you</em>/.ssh/id_rsa)
```
If your key does not have the default filename (`/.ssh/id_rsa`), you'll have to pass that path to `ssh-add`:
```shell
# start the ssh-agent in the background
$ eval "$(ssh-agent -s)"
> Agent pid 59566
$ ssh-add ~/.ssh/my_other_key
> Enter passphrase for /home/<em>you</em>/.ssh/my_other_key: <em>[tappity tap tap]</em>
> Identity added: /home/<em>you</em>/.ssh/my_other_key (/home/<em>you</em>/.ssh/my_other_key)
```

58
content/github/authenticating-to-github/troubleshooting-ssh/error-bad-file-number.md Normal file
View File

@@ -0,0 +1,58 @@
---
title: 'Error: Bad file number'
intro: This error usually means you were unable to connect to the server. Often this is caused by firewalls and proxy servers.
redirect_from:
- /articles/error-bad-file-number
- /github/authenticating-to-github/error-bad-file-number
versions:
free-pro-team: '*'
enterprise-server: '*'
github-ae: '*'
topics:
- SSH
---
When running remote Git commands or SSH, your connection might time out:
```shell
$ ssh -vT git@{% data variables.command_line.codeblock %}
> OpenSSH_8.1p1, LibreSSL 2.7.3
> debug1: Connecting to {% data variables.command_line.codeblock %} [207.97.227.239] port 22.
> debug1: connect to address 207.97.227.239 port 22: Connection timed out
> ssh: connect to host {% data variables.command_line.codeblock %} port 22: Connection timed out
> ssh: connect to host {% data variables.command_line.codeblock %} port 22: Bad file number
```
### Solving the issue
#### Use HTTPS
Often, the simplest solution is to simply avoid SSH entirely. Most firewalls and proxies allow HTTPS traffic without issue. To take advantage of this, change [the remote URL](/github/getting-started-with-github/about-remote-repositories) you're using:
```shell
$ git clone https://{% data variables.command_line.codeblock %}/<em>username</em>/<em>reponame</em>.git
> Cloning into 'reponame'...
> remote: Counting objects: 84, done.
> remote: Compressing objects: 100% (45/45), done.
> remote: Total 84 (delta 43), reused 78 (delta 37)
> Unpacking objects: 100% (84/84), done.
```
#### Test from a different network
If you can connect the computer to another network that doesn't have a firewall, you can try testing your SSH connection to {% data variables.product.product_name %}. If everything works as it should, contact your network administrator for help on changing the firewall settings to allow your SSH connection to {% data variables.product.product_name %} to succeed.
{% if currentVersion == "free-pro-team@latest" %}
#### Using SSH over the HTTPS port
If using HTTPS is not an option, and your firewall admin refuses to allow SSH connections, you can try using [SSH over the HTTPS port](/articles/using-ssh-over-the-https-port) instead.
{% endif %}
{% if currentVersion == "free-pro-team@latest" %}
### Further reading
- "[Troubleshooting connectivity problems](/articles/troubleshooting-connectivity-problems)"
{% endif %}

35
content/github/authenticating-to-github/troubleshooting-ssh/error-key-already-in-use.md Normal file
View File

@@ -0,0 +1,35 @@
---
title: 'Error: Key already in use'
intro: 'This error occurs when you try to [add a key](/articles/adding-a-new-ssh-key-to-your-github-account) that''s already been added to another account or repository.'
redirect_from:
- /articles/error-key-already-in-use
- /github/authenticating-to-github/error-key-already-in-use
versions:
free-pro-team: '*'
enterprise-server: '*'
github-ae: '*'
topics:
- SSH
---
### Finding where the key has been used
To determine where the key has already been used, open a terminal and type the `ssh` command. Use the `-i` flag to provide the path to the key you want to check:
```shell
$ ssh -T -ai <em>~/.ssh/id_rsa</em> git@{% data variables.command_line.codeblock %}
# Connect to {% data variables.product.product_location %} using a specific ssh key
> Hi <em>username</em>! You've successfully authenticated, but GitHub does not
> provide shell access.
```
The *username* in the response is the {% data variables.product.product_name %} account that the key is currently attached to. If the response looks something like "username/repo", the key has been attached to a repository as a [*deploy key*](/guides/managing-deploy-keys#deploy-keys).
### Fixing the issue
To resolve the issue, first remove the key from the other account or repository and then [add it to your account](/articles/adding-a-new-ssh-key-to-your-github-account).
If you don't have permissions to transfer the key, and can't contact a user who does, remove the keypair and [generate a brand new one](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent).
### Deploy keys
Once a key has been attached to one repository as a deploy key, it cannot be used on another repository. If you're running into this error while setting up deploy keys, see "[Managing deploy keys](/guides/managing-deploy-keys)."

281
content/github/authenticating-to-github/troubleshooting-ssh/error-permission-denied-publickey.md Normal file
View File

@@ -0,0 +1,281 @@
---
title: 'Error: Permission denied (publickey)'
intro: 'A "Permission denied" error means that the server rejected your connection. There could be several reasons why, and the most common examples are explained below.'
redirect_from:
- /articles/error-permission-denied-publickey
- /github/authenticating-to-github/error-permission-denied-publickey
versions:
free-pro-team: '*'
enterprise-server: '*'
github-ae: '*'
topics:
- SSH
---
### Should the `sudo` command be used with Git?
You should not be using the `sudo` command with Git. If you have a *very good reason* you must use `sudo`, then ensure you are using it with every command (it's probably just better to use `su` to get a shell as root at that point). If you [generate SSH keys](/articles/generating-an-ssh-key) without `sudo` and then try to use a command like `sudo git push`, you won't be using the same keys that you generated.
### Check that you are connecting to the correct server
Typing is hard, we all know it. Pay attention to what you type; you won't be able to connect to "githib.com" or "guthub.com". In some cases, a corporate network may cause issues resolving the DNS record as well.
To make sure you are connecting to the right domain, you can enter the following command:
```shell
$ ssh -vT git@{% data variables.command_line.codeblock %}
> OpenSSH_8.1p1, LibreSSL 2.7.3
> debug1: Reading configuration data /Users/<em>you</em>/.ssh/config
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 47: Applying options for *
> debug1: Connecting to {% data variables.command_line.codeblock %} port 22.
```
The connection should be made on port 22{% if currentVersion == "free-pro-team@latest" %}, unless you're overriding settings to use [SSH over HTTPS](/articles/using-ssh-over-the-https-port){% endif %}.
### Always use the "git" user
All connections, including those for remote URLs, must be made as the "git" user. If you try to connect with your {% data variables.product.product_name %} username, it will fail:
```shell
$ ssh -T <em>GITHUB-USERNAME</em>@{% data variables.command_line.codeblock %}
> Permission denied (publickey).
```
If your connection failed and you're using a remote URL with your {% data variables.product.product_name %} username, you can [change the remote URL to use the "git" user](/github/getting-started-with-github/managing-remote-repositories).
You should verify your connection by typing:
```shell
$ ssh -T git@{% data variables.command_line.codeblock %}
> Hi <em>username</em>! You've successfully authenticated...
```
### Make sure you have a key that is being used
{% mac %}
{% data reusables.command_line.open_the_multi_os_terminal %}
2. Verify that you have a private key generated and loaded into SSH. {% if currentVersion ver_lt "enterprise-server@3.0" %}If you're using OpenSSH 6.7 or older:
```shell
# start the ssh-agent in the background
$ eval "$(ssh-agent -s)"
> Agent pid 59566
$ ssh-add -l
> 2048 <em>a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>you</em>/.ssh/id_rsa (RSA)
```
If you're using OpenSSH 6.8 or newer:
```shell
# start the ssh-agent in the background
$ eval "$(ssh-agent -s)"
> Agent pid 59566
$ ssh-add -l -E md5
> 2048 <em>MD5:a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>you</em>/.ssh/id_rsa (RSA)
```
{% else %}
```shell
# start the ssh-agent in the background
$ eval "$(ssh-agent -s)"
> Agent pid 59566
$ ssh-add -l -E sha256
> 2048 <em>SHA256:274ffWxgaxq/tSINAykStUL7XWyRNcRTlcST1Ei7gBQ</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```{% endif %}
{% endmac %}
{% windows %}
{% data reusables.desktop.windows_git_bash %}
1. {% data reusables.desktop.windows_git_bash_turn_on_ssh_agent %}
{% data reusables.desktop.windows_git_for_windows_turn_on_ssh_agent %}
2. Verify that you have a private key generated and loaded into SSH. {% if currentVersion ver_lt "enterprise-server@3.0" %}If you're using OpenSSH 6.7 or older:
```shell
$ ssh-add -l
> 2048 <em>a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>you</em>/.ssh/id_rsa (RSA)
```
If you're using OpenSSH 6.8 or newer:
```shell
$ ssh-add -l -E md5
> 2048 <em>MD5:a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>you</em>/.ssh/id_rsa (RSA)
```
{% else %}
```shell
$ ssh-add -l -E sha256
> 2048 <em>SHA256:274ffWxgaxq/tSINAykStUL7XWyRNcRTlcST1Ei7gBQ</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```{% endif %}
{% endwindows %}
{% linux %}
{% data reusables.command_line.open_the_multi_os_terminal %}
2. Verify that you have a private key generated and loaded into SSH. {% if currentVersion ver_lt "enterprise-server@3.0" %}If you're using OpenSSH 6.7 or older:
```shell
# start the ssh-agent in the background
$ eval "$(ssh-agent -s)"
> Agent pid 59566
$ ssh-add -l
> 2048 <em>a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>you</em>/.ssh/id_rsa (RSA)
```
If you're using OpenSSH 6.8 or newer:
```shell
# start the ssh-agent in the background
$ eval "$(ssh-agent -s)"
> Agent pid 59566
$ ssh-add -l -E md5
> 2048 <em>MD5:a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>you</em>/.ssh/id_rsa (RSA)
```
{% else %}
```shell
$ ssh-add -l -E sha256
> 2048 <em>SHA256:274ffWxgaxq/tSINAykStUL7XWyRNcRTlcST1Ei7gBQ</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```{% endif %}
{% endlinux %}
The `ssh-add` command *should* print out a long string of numbers and letters. If it does not print anything, you will need to [generate a new SSH key](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent) and associate it with {% data variables.product.product_name %}.
{% tip %}
**Tip**: On most systems the default private keys (`~/.ssh/id_rsa` and `~/.ssh/identity`) are automatically added to the SSH authentication agent. You shouldn't need to run `ssh-add path/to/key` unless you override the file name when you generate a key.
{% endtip %}
#### Getting more details
You can also check that the key is being used by trying to connect to `git@{% data variables.command_line.backticks %}`:
```shell
$ ssh -vT git@{% data variables.command_line.codeblock %}
> ...
> debug1: identity file /Users/<em>you</em>/.ssh/id_rsa type -1
> debug1: identity file /Users/<em>you</em>/.ssh/id_rsa-cert type -1
> debug1: identity file /Users/<em>you</em>/.ssh/id_dsa type -1
> debug1: identity file /Users/<em>you</em>/.ssh/id_dsa-cert type -1
> ...
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Trying private key: /Users/<em>you</em>/.ssh/id_rsa
> debug1: Trying private key: /Users/<em>you</em>/.ssh/id_dsa
> debug1: No more authentication methods to try.
> Permission denied (publickey).
```
In that example, we did not have any keys for SSH to use. The "-1" at the end of the "identity file" lines means SSH couldn't find a file to use. Later on, the "Trying private key" lines also indicate that no file was found. If a file existed, those lines would be "1" and "Offering public key", respectively:
```shell
$ ssh -vT git@{% data variables.command_line.codeblock %}
> ...
> debug1: identity file /Users/<em>you</em>/.ssh/id_rsa type 1
> ...
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Offering RSA public key: /Users/<em>you</em>/.ssh/id_rsa
```
### Verify the public key is attached to your account
You must provide your public key to {% data variables.product.product_name %} to establish a secure connection.
{% mac %}
1. Open Terminal.
2. Start SSH agent in the background.
```shell
$ eval "$(ssh-agent -s)"
> Agent pid 59566
```
3. Find and take a note of your public key fingerprint. {% if currentVersion ver_lt "enterprise-server@3.0" %}If you're using OpenSSH 6.7 or older:
```shell
$ ssh-add -l
> 2048 <em>a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```
If you're using OpenSSH 6.8 or newer:
```shell
$ ssh-add -l -E md5
> 2048 <em>MD5:a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```
{% else %}
```shell
$ ssh-add -l -E sha256
> 2048 <em>SHA256:274ffWxgaxq/tSINAykStUL7XWyRNcRTlcST1Ei7gBQ</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```{% endif %}
{% data reusables.user_settings.access_settings %}
{% data reusables.user_settings.ssh %}
6. Compare the list of SSH keys with the output from the `ssh-add` command.
![SSH key listing in {% data variables.product.product_name %}](/assets/images/help/settings/ssh_key_listing.png)
{% endmac %}
{% windows %}
1. Open the command line.
2. Start SSH agent in the background.
```shell
$ ssh-agent -s
> Agent pid 59566
```
3. Find and take a note of your public key fingerprint. {% if currentVersion ver_lt "enterprise-server@3.0" %}If you're using OpenSSH 6.7 or older:
```shell
$ ssh-add -l
> 2048 <em>a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```
If you're using OpenSSH 6.8 or newer:
```shell
$ ssh-add -l -E md5
> 2048 <em>MD5:a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```
{% else %}
```shell
$ ssh-add -l -E sha256
> 2048 <em>SHA256:274ffWxgaxq/tSINAykStUL7XWyRNcRTlcST1Ei7gBQ</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```{% endif %}
{% data reusables.user_settings.access_settings %}
{% data reusables.user_settings.ssh %}
6. Compare the list of SSH keys with the output from the `ssh-add` command.
![SSH key listing in {% data variables.product.product_name %}](/assets/images/help/settings/ssh_key_listing.png)
{% endwindows %}
{% linux %}
1. Open Terminal.
2. Start SSH agent in the background.
```shell
$ eval "$(ssh-agent -s)"
> Agent pid 59566
```
3. Find and take a note of your public key fingerprint. If you're using OpenSSH 6.7 or older:
```shell
$ ssh-add -l
> 2048 <em>a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```
If you're using OpenSSH 6.8 or newer:
```shell
$ ssh-add -l -E md5
> 2048 <em>MD5:a0:dd:42:3c:5a:9d:e4:2a:21:52:4e:78:07:6e:c8:4d</em> /Users/<em>USERNAME</em>/.ssh/id_rsa (RSA)
```
{% data reusables.user_settings.access_settings %}
{% data reusables.user_settings.ssh %}
6. Compare the list of SSH keys with the output from the `ssh-add` command.
![SSH key listing in {% data variables.product.product_name %}](/assets/images/help/settings/ssh_key_listing.png)
{% endlinux %}
If you don't see your public key in {% data variables.product.product_name %}, you'll need to [add your SSH key to {% data variables.product.product_name %}](/articles/adding-a-new-ssh-key-to-your-github-account) to associate it with your computer.
{% warning %}
**Warning**: If you see an SSH key you're not familiar with on {% data variables.product.product_name %}, delete it immediately and contact {% data variables.contact.contact_support %}, for further help. An unidentified public key may indicate a possible security concern. For more information, see "[Reviewing your SSH keys](/articles/reviewing-your-ssh-keys)."
{% endwarning %}

15
content/github/authenticating-to-github/troubleshooting-ssh/error-permission-to-userrepo-denied-to-other-user.md Normal file
View File

@@ -0,0 +1,15 @@
---
title: 'Error: Permission to user/repo denied to other-user'
intro: This error means the key you are pushing with is attached to an account which does not have access to the repository.
redirect_from:
- /articles/error-permission-to-user-repo-denied-to-other-user
- /articles/error-permission-to-userrepo-denied-to-other-user
- /github/authenticating-to-github/error-permission-to-userrepo-denied-to-other-user
versions:
free-pro-team: '*'
enterprise-server: '*'
github-ae: '*'
topics:
- SSH
---
To fix this, the owner of the repository (`user`) needs to add your account (`other-user`) as a collaborator on the repository or to a team that has write access to the repository.

17
content/github/authenticating-to-github/troubleshooting-ssh/error-permission-to-userrepo-denied-to-userother-repo.md Normal file
View File

@@ -0,0 +1,17 @@
---
title: 'Error: Permission to user/repo denied to user/other-repo'
intro: 'This error means the key you are pushing with is attached to another repository as a deploy key, and does not have access to the repository you are trying to push to.'
redirect_from:
- /articles/error-permission-to-user-repo-denied-to-user-other-repo
- /articles/error-permission-to-userrepo-denied-to-userother-repo
- /github/authenticating-to-github/error-permission-to-userrepo-denied-to-userother-repo
versions:
free-pro-team: '*'
enterprise-server: '*'
github-ae: '*'
topics:
- SSH
---
To fix this, remove the deploy key from the repository, and [add the key to your user account](/articles/adding-a-new-ssh-key-to-your-github-account) instead.
If the key you are using is intended to be a deploy key, check out [our guide on deploy keys](/guides/managing-deploy-keys) for more details.

35
content/github/authenticating-to-github/troubleshooting-ssh/error-ssh-add-illegal-option----k.md Normal file
View File

@@ -0,0 +1,35 @@
---
title: 'Error: ssh-add: illegal option -- K'
intro: 'This error means your version of `ssh-add` does not support macOS keychain integration, which allows you to store your passphrase in the keychain.'
redirect_from:
- /articles/error-ssh-add-illegal-option-k
- /articles/error-ssh-add-illegal-option----k
- /github/authenticating-to-github/error-ssh-add-illegal-option----k
versions:
free-pro-team: '*'
enterprise-server: '*'
github-ae: '*'
topics:
- SSH
---
The `-K` option is in Apple's standard version of `ssh-add`, which stores the passphrase in your keychain for you when you add an ssh key to the ssh-agent. If you have installed a different version of `ssh-add`, it may lack support for `-K`.
### Solving the issue
To add your SSH private key to the ssh-agent, you can specify the path to the Apple version of `ssh-add`:
```shell
$ /usr/bin/ssh-add -K ~/.ssh/id_rsa
```
{% note %}
**Note:** {% data reusables.ssh.add-ssh-key-to-ssh-agent %}
{% endnote %}
### Further reading
- "[Generating a new SSH key and adding it to the ssh-agent](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)"
- [Linux man page for SSH-ADD](http://man7.org/linux/man-pages/man1/ssh-add.1.html)
- To view Apple's man page for SSH-ADD, run `man ssh-add` in Terminal

27
content/github/authenticating-to-github/troubleshooting-ssh/error-ssl-certificate-problem-verify-that-the-ca-cert-is-ok.md Normal file
View File

@@ -0,0 +1,27 @@
---
title: 'Error: SSL certificate problem, verify that the CA cert is OK'
intro: 'This error means your CA root certificate is out of date. If your CA root certificate needs to be updated, you won''t be able to push or pull from {% data variables.product.product_name %} repositories.'
redirect_from:
- /articles/error-ssl-certificate-problem-verify-that-the-ca-cert-is-ok
- /github/authenticating-to-github/error-ssl-certificate-problem-verify-that-the-ca-cert-is-ok
versions:
free-pro-team: '*'
topics:
- SSH
---
The error you receive may look like the following:
```shell
$ git push -u github.main
> fatal: 'github.main' does not appear to be a git repository
> fatal: The remote end hung up unexpectedly
$ git pull -u github
> error: SSL certificate problem, verify that the CA cert is OK. Details:
> error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed while accessing https://github.com/tqisjim/google-oauth.git/info/refs
> fatal: HTTP request failed
```
A "CA" is shorthand for a "certificate authority," a third-party group responsible for handling secure connections around the web. They establish digital "certificates," which are a way of ensuring that there are valid connections between two machines (like your computer and GitHub.com). Without a certificate, the security risk between two machines is greater.
When you receive this error, it likely means that your CA is out-of-date and needs to be updated. Generally, updating your operating system also updates your CA, and solves the problem.

36
content/github/authenticating-to-github/troubleshooting-ssh/error-unknown-key-type.md Normal file
View File

@@ -0,0 +1,36 @@
---
title: 'Error: Unknown key type'
intro: 'This error means that the SSH key type you used was unrecognized or is unsupported by your SSH client. '
versions:
free-pro-team: '*'
enterprise-server: '>=3.2'
github-ae: next
topics:
- SSH
redirect_from:
- /github/authenticating-to-github/error-unknown-key-type
---
### About the `unknown key type` error
When you generate a new SSH key, you may receive an `unknown key type` error if your SSH client does not support the key type that you specify.{% mac %}To solve this issue on macOS, you can update your SSH client or install a new SSH client.
### Prerequisites
You must have Homebrew installed. For more information, see the [installation guide](https://docs.brew.sh/Installation) in the Homebrew documentation.
### Solving the issue
{% warning %}
**Warning:** If you install OpenSSH, your computer will not be able to retrieve passphrases that are stored in the Apple keychain. You will need to enter your passphrase or interact with your hardware security key every time you authenticate with SSH to {% data variables.product.prodname_dotcom %} or another web service.
If you remove OpenSSH, the passphrases that are stored in your keychain will once again be retrievable. You can remove OpenSSH by entering the command `brew uninstall openssh` in Terminal.
{% endwarning %}
1. Open Terminal.
2. Enter the command `brew install openssh`.
3. Quit and relaunch Terminal.
4. Try the procedure for generating a new SSH key again. For more information, see "[Generating a new SSH key and adding it to the ssh-agent](/github/authenticating-to-github/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#generating-a-new-ssh-key-for-a-hardware-security-key)."
{% endmac %}{% linux %}To solve this issue on Linux, use the package manager for your Linux distribution to install a new version of OpenSSH, or compile a new version from source. If you install a different version of OpenSSH, the ability of other applications to authenticate via SSH may be affected. For more information, review the documentation for your distribution.{% endlinux %}

27
content/github/authenticating-to-github/troubleshooting-ssh/error-were-doing-an-ssh-key-audit.md Normal file
View File

@@ -0,0 +1,27 @@
---
title: 'Error: We''re doing an SSH key audit'
intro: This error means the SSH key you're using to perform a Git operation is unverified.
redirect_from:
- /articles/error-we-re-doing-an-ssh-key-audit
- /articles/error-were-doing-an-ssh-key-audit
- /github/authenticating-to-github/error-were-doing-an-ssh-key-audit
versions:
free-pro-team: '*'
enterprise-server: '*'
github-ae: '*'
topics:
- SSH
---
When using an unverified key to perform Git operations, you will be prompted to perform an audit of your SSH keys.
```shell
ERROR: We're doing an SSH key audit.
Reason: unverified due to lack of use
Please visit https://github.com/settings/ssh
to approve this key so we know it's safe.
Fingerprint: ab:08:46:83:ff:f6:c4:f8:a9:4e:68:6b:94:17:f2:46
fatal: could not read from remote repository
```
### Solving the issue
To fix this, you need to [review your SSH keys](/articles/reviewing-your-ssh-keys) and either reject or approve the unverified key. Clicking the URL link in the error message brings you to the SSH Settings page, where the unverified SSH key is highlighted in the SSH key list.

27
content/github/authenticating-to-github/troubleshooting-ssh/index.md Normal file
View File

@@ -0,0 +1,27 @@
---
title: Troubleshooting SSH
intro: 'When using SSH to connect and authenticate to {% data variables.product.product_name %}, you may need to troubleshoot unexpected issues that may arise.'
redirect_from:
- /articles/troubleshooting-ssh
versions:
free-pro-team: '*'
enterprise-server: '*'
github-ae: '*'
topics:
- SSH
children:
- /using-ssh-over-the-https-port
- /recovering-your-ssh-key-passphrase
- /deleted-or-missing-ssh-keys
- /error-permission-denied-publickey
- /error-bad-file-number
- /error-key-already-in-use
- /error-permission-to-userrepo-denied-to-other-user
- /error-permission-to-userrepo-denied-to-userother-repo
- /error-agent-admitted-failure-to-sign
- /error-ssh-add-illegal-option----k
- /error-ssl-certificate-problem-verify-that-the-ca-cert-is-ok
- /error-unknown-key-type
- /error-were-doing-an-ssh-key-audit
---

41
content/github/authenticating-to-github/troubleshooting-ssh/recovering-your-ssh-key-passphrase.md Normal file
View File

@@ -0,0 +1,41 @@
---
title: Recovering your SSH key passphrase
intro: 'If you''ve lost your SSH key passphrase, depending on the operating system you use, you may either recover it or you may need to generate a new SSH key passphrase.'
redirect_from:
- /articles/how-do-i-recover-my-passphrase/
- /articles/how-do-i-recover-my-ssh-key-passphrase/
- /articles/recovering-your-ssh-key-passphrase
- /github/authenticating-to-github/recovering-your-ssh-key-passphrase
versions:
free-pro-team: '*'
enterprise-server: '*'
github-ae: '*'
topics:
- SSH
---
{% mac %}
If you [configured your SSH passphrase with the macOS keychain](/articles/working-with-ssh-key-passphrases#saving-your-passphrase-in-the-keychain), you may be able to recover it.
1. In Finder, search for the **Keychain Access** app.
![Spotlight Search bar](/assets/images/help/setup/keychain-access.png)
2. In Keychain Access, search for **SSH**.
3. Double click on the entry for your SSH key to open a new dialog box.
4. In the lower-left corner, select **Show password**.
![Keychain access dialog](/assets/images/help/setup/keychain_show_password_dialog.png)
5. You'll be prompted for your administrative password. Type it into the "Keychain Access" dialog box.
6. Your password will be revealed.
{% endmac %}
{% windows %}
If you lose your SSH key passphrase, there's no way to recover it. You'll need to [generate a brand new SSH keypair](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent) or [switch to HTTPS cloning](/github/getting-started-with-github/managing-remote-repositories) so you can use your GitHub password instead.
{% endwindows %}
{% linux %}
If you lose your SSH key passphrase, there's no way to recover it. You'll need to [generate a brand new SSH keypair](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent) or [switch to HTTPS cloning](/github/getting-started-with-github/about-remote-repositories/#cloning-with-https-urls) so you can use your GitHub password instead.
{% endlinux %}

47
content/github/authenticating-to-github/troubleshooting-ssh/using-ssh-over-the-https-port.md Normal file
View File

@@ -0,0 +1,47 @@
---
title: Using SSH over the HTTPS port
intro: 'Sometimes, firewalls refuse to allow SSH connections entirely. If using [HTTPS cloning with credential caching](/github/getting-started-with-github/caching-your-github-credentials-in-git) is not an option, you can attempt to clone using an SSH connection made over the HTTPS port. Most firewall rules should allow this, but proxy servers may interfere.'
redirect_from:
- /articles/using-ssh-over-the-https-port
- /github/authenticating-to-github/using-ssh-over-the-https-port
versions:
free-pro-team: '*'
topics:
- SSH
---
{% tip %}
**{% data variables.product.prodname_ghe_server %} users**: Accessing {% data variables.product.prodname_ghe_server %} via SSH over the HTTPS port is currently not supported.
{% endtip %}
To test if SSH over the HTTPS port is possible, run this SSH command:
```shell
$ ssh -T -p 443 git@ssh.github.com
> Hi <em>username</em>! You've successfully authenticated, but GitHub does not
> provide shell access.
```
If that worked, great! If not, you may need to [follow our troubleshooting guide](/articles/error-permission-denied-publickey).
### Enabling SSH connections over HTTPS
If you are able to SSH into `git@ssh.{% data variables.command_line.backticks %}` over port 443, you can override your SSH settings to force any connection to {% data variables.product.product_location %} to run though that server and port.
To set this in your ssh config, edit the file at `~/.ssh/config`, and add this section:
```
Host {% data variables.command_line.codeblock %}
Hostname ssh.{% data variables.command_line.codeblock %}
Port 443
User git
```
You can test that this works by connecting once more to {% data variables.product.product_location %}:
```shell
$ ssh -T git@{% data variables.command_line.codeblock %}
> Hi <em>username</em>! You've successfully authenticated, but GitHub does not
> provide shell access.
```