UnknownHostKey Exception in Accessing GitHub Securely

Izza picture Izza · Nov 15, 2012 · Viewed 13.4k times · Source

I'm using jgit to access a repository in GitHub securely. I did the following to generate keys for secure communication between GitHub and my client code.

  1. Generated the key pair:

    ssh-keygen -t rsa
    
  2. Added the public key to GitHub account with Account Settings -> SSH keys -> add SSH key

  3. Added the private key generated in step 1 to the local host with:

    ssh-add id_rsa
    

After doing this, when I try to access GitHub and make a clone, I still get the following error:

org.eclipse.jgit.api.errors.TransportException: [email protected]:test/test_repo.git: UnknownHostKey: github.com. RSA key fingerprint is 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48
at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:137)
at org.eclipse.jgit.api.CloneCommand.fetch(CloneCommand.java:178)
at org.eclipse.jgit.api.CloneCommand.call(CloneCommand.java:125)

This is the code that I used:

    String localPath, remotePath;
    Repository localRepo;
    Git git;

    localPath = <path_to_local_repository>;
    remotePath = "[email protected]:test/test_repo.git";

    try {
        localRepo = new FileRepository(localPath + "/.git");
    } catch (IOException e) {
        e.printStackTrace();
    }
    git = new Git(localRepo);

    CloneCommand cloneCmd =  git.cloneRepository().
                setURI(remotePath).
                setDirectory(new File(localPath));
        try {
            cloneCmd.call();
        } catch (GitAPIException e) {
            log.error("git clone operation failed");
            e.printStackTrace();
        }

Kindly let me know the issue here and what should I do to rectify it.

Thanks.

Answer

Denis Tulskiy picture Denis Tulskiy · Nov 15, 2012

It happens because you have no entry for github in ~/.ssh/known_hosts, and JSch used in jgit defaults to rejecting session in this case. Refer to this question for solutions: com.jcraft.jsch.JSchException: UnknownHostKey

To set the ssh session property, you need to create a session factory for jgit:

SshSessionFactory.setInstance(new JschConfigSessionFactory() {
  public void configure(Host hc, Session session) {
    session.setConfig("StrictHostKeyChecking", "no");
  }
})

or add StrictHostKeyChecking=no to ~/.ssh/config