I am trying to create a git repository on my web host and clone it on my computer. Here's what I did:
- I created a repository on the remote server.
- I generated a key pair:
ssh-keygen -t dsa
. - I added my key to ssh-agent.
- I copied to the server public key in
~/.ssh
.
And then, after an attempt to run the command git clone ssh://user@host/path-to-repository
, I get an error:
Unable to negotiate with XX.XXX.XX.XX: no matching host key type found. Their offer: ssh-dss
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
What does that mean?
Answer:
1)
The recent openssh version deprecated DSA keys by default. You should pursuit your GIT provider to add some reasonable host key. Relying only on DSA is not a good idea.
As a workaround, you need to tell your ssh
client that you want to accept DSA host keys, as described in the official documentation for legacy usage. You have few possibilities, but I recommend to add these lines into your ~/.ssh/config
file:
Host your-host
HostkeyAlgorithms +ssh-dss
2)
You can also add -oHostKeyAlgorithms=+ssh-dss
in your ssh line:
ssh -oHostKeyAlgorithms=+ssh-dss user@host
来源:oschina
链接:https://my.oschina.net/u/1864705/blog/796792