美文网首页
Git Extensions push issue

Git Extensions push issue

作者: fuxiaotao | 来源:发表于2016-03-08 12:43 被阅读0次

    After I made some code modifications, I try to commit and push the changes. Commit operations succeeded but push failed. I've got my errors.

    I turn to the Geek guy for helping investigate the issue. 

    For part of the reason, it is because the OpenSSH I am using is incompatible with the server.Then we can get some clues to refer this site http://www.openssh.com/legacy.html.  I copy it here in case we cannot access it some day.

    Using OpenSSH with legacy SSH implementations

    OpenSSH implements all of the cryptographic algorithms needed for compatibility with standards-compliant SSH implementations, but since some of the older algorithms have been been found weak not all are algorithms are enabled by default. This page describes what to do when OpenSSH refuses to connect with an implementation that only supports legacy algorithms.

    When a SSH client connects to a server, each side offers lists of connection parameters to the other. These include the ciphers to encrypt the connection, the message authentication codes (MACs) used to detect traffic modification, the public key algorithms that the server can use to authenticate itself to the client and the key exchange methods that are used to generate per-connection keys. In a successful connection, there is at least one mutually-supported choice for each parameter.

    If the client and server are unable to agree on a mutual set of parameters then the connection will fail. OpenSSH (7.0 and greater) will produce an error message like this:

    Unable to negotiate with 127.0.0.1: no matching key exchange method found.

    Their offer: diffie-hellman-group1-sha1

    In this case, the client and server were unable to agree on the key exchange algorithm. The server offered only a single methoddiffie-hellman-group1-sha1. OpenSSH supports this method, but does not enable it by default because is weak and within theoretical range of the so-called Logjam attack.

    The best resolution for these failures is to upgrade the software at the other end. OpenSSH only disables algorithms that we actively recommend against using because they are known to be weak. In some cases, this might not be immediately possible so you may need to temporarily re-enable the weak algorithms to retain access.

    For the case of the above error message, OpenSSH can be configured to enable thediffie-hellman-group1-sha1key exchange algorithm (or any other that is disabled by default) using theKexAlgorithmoption - either on the command-line:

    ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 [-p29418] user@127.0.0.1

    or in the~/.ssh/configfile:

    Host somehost.example.org

    KexAlgorithms +diffie-hellman-group1-sha1

    The '+' before the list instructs ssh to append the algorithm to the client's default set rather than replacing the default. By appending, you will automatically upgrade to the best supported algorithm when the server starts supporting it.

    Another example, this time where the client and server fail to agree on a public key algorithm for host authentication:

    Unable to negotiate with 127.0.0.1: no matching host key type found.

    Their offer: ssh-dss

    OpenSSH 7.0 and greater similarly disables thessh-dss(DSA) public key algorithm. It too is weak and we recommend against its use. It can be re-enabled using theHostkeyAlgorithmsconfiguration option:

    ssh -oHostKeyAlgorithms=+ssh-dss user@127.0.0.1

    or in the~/.ssh/configfile:

    Host somehost.example.org

    HostkeyAlgorithms ssh-dss

    Depending on the server configuration, it's possible for other connection parameters to fail to negotiate. You might find theCiphersand/orMACsconfiguration options useful for enabling these. It's also possible to query which algorithms ssh supports:

    ssh -Q cipher      # List supported ciphers

    ssh -Q mac          # List supported MACs

    ssh -Q key          # List supported public key types

    ssh -Q kex          # List supported key exchange algorithms

    Finally, it's also possible to query the configuration that ssh is actually using when it is attempting to connect to a specific host using the-Goption. For example:

    ssh -G user@somehost.example.com

    Will list all the configuration options, including the chosen values for theCiphers,MACs,HostkeyAlgorithmsandKexAlgorithmsparameters.

    For another part of the reason, I have to modify the .gitconfig file in the code directory. To append  [url "ssh://user@*******.net:port/"] 

    pushInsteadOf = git://*******.net/

    Then I can push my code to server normally.

    相关文章

      网友评论

          本文标题:Git Extensions push issue

          本文链接:https://www.haomeiwen.com/subject/pxdzkttx.html