Troubleshooting the SSH key and GitHub Connection
Table of Contents
What is an SSH key?
What is an RSA key fingerprint?
Matching The RSA Keys
GitHub’s SSH Key Fingerprints
Checking For Existing SSH Keys
Generate New SSH Key
Adding SSH Key To GitHub Account
Testing The SSH Connection
Please Stop Asking Me For A Passphrase
Resolving The Final Warning
Before I purchased a MacBook to attend Flatiron School, I was learning to code on my good ol’ Windows laptop with Android Studio, Visual Studio Code and Git Bash. Bootcamp is over and I’ve been moving away from constantly being on the MacBook. Plus, the Windows laptop has a 17” screen which is SO nice to have.
I started a project in VS Code with basic HTML and CSS files as well as a folder for future image files. Then, I created a new repo in GitHub before continuing the flow on the command line of initializing an empty repo, making the first commit and git remote add origin <the ssh key from GitHub>.
Everything was running so smoothly until I sent git push origin master and I was faced with an unfamiliar message.
The authenticity of host ‘github.com (a bunch of #’s of an IP address)’ can’t be established.RSA key fingerprint is <SHA256: a bunch of #’s and letters>.Are you sure you want to continue connecting (yes/no/[fingerprint])?
After a quick Google it seemed as though I should ABSOLUTELY NOT select ‘yes’ for fear that an “unsecure” connection would be made between my precious laptop and my irreplaceable GitHub account. 😧
Well, I went on a couple hour goose chase trying to resolve this and the same message kept coming back to haunt me. Why!? Why me? Why now?
Part of me did consider giving up and to just return to the MacBook. But no! I’m a software engineer and I refuse to back down. Well… I did have to take a little break to recover from frustration.
I’m going to try to piece together the coherent solution(s) that I pieced together from a couple different sources in the hope of saving others from going in circles and back and forth like I did.
Disclosure: I don’t believe this is a Windows/Git Bash specific issue but I don’t remember this being as difficult the first few times. So, this was good exposure for me.
What is an SSH key?
“SSH (Secure Shell) keys are an access credential that is used in the SSH protocol and they are foundational to modern Infrastructure-as-a-Service platforms such as AWS, Google Cloud, and Azure.” — jumpcloud
And, GitHub uses SSH keys to allow secure access remotely from your computer.
What is an RSA key fingerprint?
It is also known as a host key or key fingerprint and “every SSH server is configured to use a host key to verify that the client is connecting to the correct host”.
So basically, the SSH key and the RSA key need to work in conjunction like a “pair”.
A little side trivia:
RSA is public-key encryption technology developed by RSA Data Security, Inc., which was founded in 1982 to commercialize the technology. The acronym? It stands for Rivest, Shamir, and Adelman, the inventors of the technique.
Matching The RSA Keys
Now, here is the part that I wish I figured out in the beginning. All the sources kept telling me to not say ‘yes’ until I confirmed that this RSA matched… some other key. I wasn’t really sure. I was generating and pulling keys left and right and nothing was matching.
I was even going to ‘Settings’ in GitHub to check the SSH keys and nothing was matching this RSA key. I was looking in the wrong place and comparing the wrong keys.
Look no further…
GitHub’s SSH Key Fingerprints
Confirm that the RSA from GitHub (above) matches the RSA key fingerprint printed out in the terminal message. Then, end this nonsense, take a leap of faith and just say ‘yes’ to the prompt.
It may ask you to type in a passphrase for the key. When you type it in, you’re not going to see any indicator, like a cursor or symbols, to show you that you’re actually typing something into the dark void of the terminal. Just type everything correctly and press Enter and it should go through.
I checked my GitHub profile to confirm the commits and push went through.
Checking For Existing SSH Keys
Now, I think I jumped ahead a little bit. Remember, I’m just trying to piece together the useful bits of my adventure with keys.
Somewhere, I read that I should first check existing SSH keys.
I may have followed the GitHub documentation but didn’t see anything that I could work with so I just went to my GitHub settings and selected “SSH and GPG keys.”
I saw the SSH keys for Learn IDE for Flatiron and another for my MacBook. Where was my Windows laptop? It should’ve been the first one I linked to GitHub and I know I’ve linked some repos. I don’t know what happened to it. I read somewhere that GitHub deletes SSH keys that haven’t been used in a year. But, it’s only been 8 months since my first and last repo from the Windows laptop.
Oh well, I guess it’s good practice to set up SSH keys.
Generate New SSH Key
$ ssh-keygen
When it asks which file to save the key in, you can just press Enter to keep it at the default.
For the passphrase, you can set up a passphrase if you’d like. Or, you can just press Enterto skip that.
I was being extra cautious and made a passphrase. Soon, I discovered that wasn’t necessary because I was going to take an extra step (which I’ll show you later) that would eliminate the need to enter a passphrase EVERY single time I pushed to GitHub.
Adding SSH Key To GitHub Account
$ cat~/.ssh/id-rsa.pub
Copy the long set of characters that prints out in the terminal. Mine turned out to be about 565 characters long.
Go to ‘GitHub Settings’ and then ‘SSH and GPG keys’.
Add ‘New SSH key’.
For the title, I just named it after my laptop.
Then, paste the key in and select ‘Add SSH key’.
It will now show up with any other SSH keys you have set up on GitHub.
Testing The SSH Connection
https://docs.github.com/en/github/authenticating-to-github/testing-your-ssh-connection
$ ssh -T git@github.com
Oh, here we go again. You know what to do. Confirm that the RSA keys match and just say ‘Yes’.
It’ll ask for passphrases again; press Enter to skip it if you didn’t set one up in the first place.
Finally, a welcome message should display in the terminal. You’ve successfully authenticated. Hurray! 🎊 🎉 🥳
Please Stop Asking Me For A Passphrase
If you added a passphrase when you generated the key and have now grown tired of entering it every single time you push/pull from GitHub, here is the fix.
https://stackoverflow.com/questions/10032461/git-keeps-asking-me-for-my-ssh-key-passphrase
Start an SSH agent: eval $(ssh-agent)
Then, add and permanently save key to the id_rsa file created when generated key. ssh-add ~/.ssh/id_rsa
It will ask for the passphrase once.
You should now be able to push/pull without being bothered to enter a passphrase.
Resolve The Final Warning
Sure, everything works just dandy now but I personally don’t want to look at this warning message every single time.
First, open the .ssh folder that was created when you generated this key.
For me, this was located at /c/Users/jonel/.ssh
OR, if you want to flex on the Git Bash, go all the way to the home folder of the user; represented with a `~`.
$ cd .ssh
$ start .
Here, you’ll see files like …
id_rsa
id_rsa.pub
known_hostsCreate a file named config in notepad without the .txt at the end of the filename.
Open the file and paste this in it: UserKnownHostsFile ~/.ssh/known_hosts
Save and return to coding.
The next time you push/pull you will see the warning message one FINAL time. But, trust me, it will disappear forever on the following round after that.
✨poof ✨
NOTE: This is a Windows specific issue because the “OpenSSH client compiled for Windows doesn’t check the known_hosts file in
~/.ssh/known_hosts”
