-
-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dokku clone failing because of ssh fingerprint #46
Comments
Where is |
I don't understand openssl very well at all, but it looks like this can be defined on a per-host basis in I bet there's some sort of call you could make to query openssl configuration to ask what |
Maybe something like this? https://stackoverflow.com/a/38462337/1515875 |
Something like that could work, but I wonder if there's a better way to check what fingerprints are used outside of checking config files. Then we could conditionally add a value to |
Well we could move the fingerprint to a variable and conditionally use one variable if the fingerprint is sha56 and another for md5 etc.? |
Yeah, I think that would work great. Just thinking about the best way to determine the fingerprint for |
Just letting you know that I guess this issue won't be solved by this, so this is just fyi |
Is there any workaround to solve this temporarily? |
I guess to configure sha256 as the hash algorithm for OpenSSL? Haven't encountered the issue myself so far, so I don't know the best way to do this |
As I understand https://superuser.com/a/929567 it would be and
|
would this be for the |
Something like this would work: https://gist.github.com/maxim/871e611d4bc02c633c67 Here are the fingerprints as documented by github: https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints |
When I tried to use dokku clone, the task hung indefinitely when it was run via ansible. There was no error or debugging output available when ansible was run with
-vvvv
so I attempted to run the same command directly via ssh.I ran into this error:
It looks like there already exists a check to ensure github.com is added to
known_hosts
, but if a user hasFingerprintHash md5
theknown_hosts
value is invalid.I'm guessing what we need to do here is somehow check the
FingerprintHash
setting and change what line we are checking for inknown_hosts
, but my ansible knowledge isn't advanced enough to understand how to make this change. Any ideas? Happy to contribute if you push me in the right direction!The text was updated successfully, but these errors were encountered: