【踩坑记录】ssh connection closed;git鉴权失败

Aikoin / 2024-01-18 / 原文

换电脑用的Clash X Pro,开着增强模式,结果终端ssh连接gituhub一直报错:

kex_exchange_identification: Connection closed by remote host Connection closed by 20.205.243.166 port 2

如果增强模式关闭呢,就直接Timeout。

这几天试了很多方法都不行,虽然大概知道是代理的问题,可是一直没办法解决。

今天搜到这两个issue:https://github.com/vernesong/OpenClash/issues/2074,https://github.com/vernesong/OpenClash/issues/1960#issuecomment-1019101426,

用评论区提到的官方文档里的方法解决了!

似乎问题出在节点屏蔽22端口的连接,之前ri也是多换了几个节点就可以连上了。

以下是官方文档的解决步骤:

在 HTTPS 端口使用 SSH

有时,防火墙会完全拒绝允许 SSH 连接。 如果无法选择使用具有凭据缓存的 HTTPS 克隆,可以尝试使用通过 HTTPS 端口建立的 SSH 连接克隆。 大多数防火墙规则应允许此操作,但代理服务器可能会干扰。

要测试通过 HTTPS 端口的 SSH 是否可行,请运行以下 SSH 命令:

$ ssh -T -p 443 git@ssh.github.com
> Hi USERNAME! You've successfully authenticated, but GitHub does not
> provide shell access.

注意:端口 443 的主机名为 ssh.github.com,而不是 github.com

如果这样有效,万事大吉!

否则,可能需要遵循我们的故障排除指南。

现在,若要克隆存储库,可以运行以下命令:

git clone ssh://git@ssh.github.com:443/YOUR-USERNAME/YOUR-REPOSITORY.git

启用通过HTTPS的SSH连接

如果你能在端口 443 上通过 SSH 连接到 git@ssh.github.com,则可覆盖你的 SSH 设置来强制与 GitHub.com 的任何连接均通过该服务器和端口运行。

要在 SSH 配置文件中设置此行为,请在 ~/.ssh/config 编辑该文件,并添加以下部分:

Host github.com
    Hostname ssh.github.com
    Port 443
    User git

你可以通过再次连接到 GitHub.com 来测试这是否有效:

$ ssh -T git@github.com
> Hi USERNAME! You've successfully authenticated, but GitHub does not
> provide shell access.

----------------------------

现在不管是否开启增强模式,都能连接上啦。

后续在添加远程仓库HTTPS URL后进行git push却又报错,输出以下提示信息:

remote: Support for password authentication was removed on August 13, 2021.
remote: Please see https://docs.github.com/en/get-started/getting-started-with-git/about-remote-repositories#cloning-with-https-urls for information on currently recommended modes of authentication.

这边只要改成SSH URL就好了。关于远程仓库的操作可以查看这个文档:https://docs.github.com/zh/get-started/getting-started-with-git/managing-remote-repositories

我用到的是更改远程仓库的URL,具体如下:

git remote set-url 命令更改现有的远程存储库 URL。

git remote set-url 命令采用两个参数:

  • 现有远程仓库的名称。 例如,originupstream 是两个常见的选项。

  • 远程仓库的新 URL。 例如:

    • 如果您要更新为使用 HTTPS,您的 URL 可能如下所示:
    https://github.com/OWNER/REPOSITORY.git
    • 如果您要更新为使用 SSH,您的 URL 可能如下所示:
    git@github.com:OWNER/REPOSITORY.git

用法:git remote set-url [--push] <名称> <新的地址> [<旧的地址>]

  或:git remote set-url --add <名称> <新的地址>

  或:git remote set-url --delete <名称> <地址>

还搜到另一种解决方案:https://stackoverflow.com/questions/68775869/message-support-for-password-authentication-was-removed

要在setting里申请个人权限Token,我没有试,感兴趣的可以试一下~以下是原文:

Create Personal Access Token on GitHub

From your GitHub account, go to SettingsDeveloper SettingsPersonal Access TokenTokens (classic)Generate New Token (Give your password) → Fillup the form → click Generate tokenCopy the generated Token, it will be something like ghp_sFhFsSHhTzMDreGRLjmks4Tzuzgthdvfsrta

Now follow the below method based on your machine:

For Windows OS ⤴

Go to Credential Manager from Control PanelWindows Credentials → find git:https://github.comEdit → On Password replace with with your GitHub Personal Access Token → You are Done

If you don’t find git:https://github.com → Click on Add a generic credential → Internet address will be git:https://github.com and you need to type in your username and password will be your GitHub Personal Access Token → Click Ok and you are done

For macOS ⤴

Click on the Spotlight icon (magnifying glass) on the right side of the menu bar. Type Keychain access then press the Enter key to launch the app → In Keychain Access, search for github.com → Find the internet password entry for github.com → Edit or delete the entry accordingly → You are done

For a Linux-based OS ⤴

For Linux, you need to configure the local GIT client with a username and email address,

$ git config --global user.name "your_github_username"
$ git config --global user.email "your_github_email"
$ git config -l

Once GIT is configured, we can begin using it to access GitHub. Example:

$ git clone https://github.com/YOUR-USERNAME/YOUR-REPOSITORY
> Cloning into `YOUR-REPOSITORY`...
Username: <type your username>
Password: <type your password or personal access token (GitHub)

Now cache the given record in your computer to remembers the token:

$ git config --global credential.helper cache

If needed, anytime you can delete the cache record by:

$ git config --global --unset credential.helper
$ git config --system --unset credential.helper

Now try to pull with -v to verify

$ git pull -v

Linux/Debian (Clone as follows):

git clone https://<tokenhere>@github.com/<user>/<repo>.git

以及评论区热评:Be sure to save the token on some local file or in some cloud. (记得把token保存到自己的本地文件或者云端🤔️