我已仔细遵循文件go/dev-shell在 LVDI3 上安装新的 dev shell 和 Git Setup。当我运行 ds sync 时,我收到错误消息:
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.
我运行以下两个命令来检查配置。
$ ssh-add -l
error fetching identities: agent refused operation
$ ssh -vT [email protected]
OpenSSH_8.2p1, OpenSSL 1.1.1e 17 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to bitbucketdc-cluster03-ssh.jpmchase.net [147.107.136.129] port 22.
debug1: Connection established.
debug1: identity file /c/Users/v684780/.ssh/id_rsa type 0
debug1: identity file /c/Users/v684780/.ssh/id_rsa-cert type -1
debug1: identity file /c/Users/v684780/.ssh/id_dsa type -1
debug1: identity file /c/Users/v684780/.ssh/id_dsa-cert type -1
debug1: identity file /c/Users/v684780/.ssh/id_ecdsa type -1
debug1: identity file /c/Users/v684780/.ssh/id_ecdsa-cert type -1
debug1: identity file /c/Users/v684780/.ssh/id_ecdsa_sk type -1
debug1: identity file /c/Users/v684780/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /c/Users/v684780/.ssh/id_ed25519 type -1
debug1: identity file /c/Users/v684780/.ssh/id_ed25519-cert type -1
debug1: identity file /c/Users/v684780/.ssh/id_ed25519_sk type -1
debug1: identity file /c/Users/v684780/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /c/Users/v684780/.ssh/id_xmss type -1
debug1: identity file /c/Users/v684780/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.1
debug1: match: OpenSSH_6.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to bitbucketdc-cluster03-ssh.jpmchase.net:22 as 'v684780'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:U1WSHx08ejrFmnHhLOyTO6krz1ufthX3VNxKRKh1yjg
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The ECDSA host key for bitbucketdc-cluster03-ssh.jpmchase.net has changed,
and the key for the corresponding IP address 147.107.136.129
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:U1WSHx08ejrFmnHhLOyTO6krz1ufthX3VNxKRKh1yjg.
Please contact your system administrator.
Add correct host key in /c/Users/v684780/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /c/Users/v684780/.ssh/known_hosts:2
ECDSA host key for bitbucketdc-cluster03-ssh.jpmchase.net has changed and you have requested strict checking.
Host key verification failed.
我在网上搜索了一下,有人建议删除缓存的密钥,或者更新 C:\Users\v684780.ssh\known_hosts。我不确定该怎么做。
答案1
消息中的关键内容是
The ECDSA host key for bitbucketdc-cluster03-ssh.jpmchase.net has changed,
因此,您尝试连接的主机已更改其身份。一种解决方案确实是删除存储主机密钥的文件,或者 - 更好的方法是 - 在简单的文本编辑器(如记事本)中打开它并仅删除与“有问题的”主机有关的行。它是一个纯文本文件,具有每对主机、算法和密钥一行的特殊格式,例如:
127.0.0.1 ssh-rsa AAAAB3NXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXUX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
但是!请确保在重新添加主机之前检查主机的身份,以免成为修改目标主机的实际攻击者的攻击目标。