The authenticity of host ‘github.com (192.30.252.128)’ can’t be established

by

Danger ahead, unless you actually don’t care about secure communication with github on your local account

Ssh rightly complains that they can’t make sure you are indeed connecting to github’s server through a secure channel. That might be why github is recommending https access, which works out-of-the-box thanks to its public key infrastructure.

Now, you can have it work, but be aware that it involves caching a public key fingerprint which, if done incorrectly, provides an attacker permanent man-in-the-middle attack.

How to proceed safely?

Option 1 is use https url instead of ssh.

Option 2 is have ssh access work.

Okay, show me option 2

  1. Do ssh -T [email protected] but don’t just type “yes”.
  2. Check if the hash that is shown matches one of the hashed shown in https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints (in your question it does, and see, the page is fetched through https for the same public key infrastructure reasons).

If the hash matches, then connection is indeed safe you can answer “yes” to ssh’s question.

Okay, I checked and typed yes, how do I know it works?

Ssh will show something like:

Warning: Permanently added the RSA host key for IP address
‘192.30.252.128’ to the list of known hosts.

After that, you will either see a message like

Permission denied (publickey).

which is good but shows that you need further configuration, or simply

Hi yourlogin! You’ve successfully authenticated, but GitHub does not
provide shell access.

which means that all works well and you can retry your first operation.

Notice that if you retry the same ssh command, it should no longer ask the question.

More Related Contents:

  1. How to use private Github repo as npm dependency
  2. How can I publish an npm package with distribution files?
  3. Do I commit the package-lock.json file created by npm 5?
  4. NPM modules won’t install globally without sudo
  5. npm install private github repositories by dependency in package.json
  6. Cannot install packages using node package manager in Ubuntu
  7. How can I completely uninstall nodejs, npm and node in Ubuntu [closed]
  8. SSH Key – Still asking for password and passphrase
  9. Cannot install NodeJs: /usr/bin/env: node: No such file or directory
  10. How can I automatically deploy my app after a git push ( GitHub and node.js)?
  11. updating nodejs on ubuntu 16.04
  12. Having Trouble Switching Github accounts on terminal
  13. Install Node.js on Ubuntu
  14. When I run `npm install`, it returns with `ERR! code EINTEGRITY` (npm 5.3.0)
  15. npm install shows error with git not found
  16. How to install a specific version of Node on Ubuntu?
  17. Why are connections to GitHub over SSH throwing an error “Warning: Remote Host Identification Has Changed”?
  18. libsass bindings not found when using node-sass in nodejs
  19. npm ERR! git dep preparation failed when trying to install package.json
  20. Issue on adding SSH key to GitHub
  21. Git – remote: Repository not found
  22. Where is body in a nodejs http.get response?
  23. Unknown events in nodejs/v8 flamegraph using perf_events
  24. How to solve error “SyntaxError: Unexpected token ‘?'”
  25. How to set npm credentials using `npm login` without reading from stdin?
  26. Node JS NPM modules installed but command not recognized
  27. Node.js: How to attach to a running process and to debug the server with a console?
  28. npm doesn’t work, get always this error -> Error: Cannot find module ‘are-we-there-yet’
  29. Node.js server with multiple concurrent requests, how does it work?
  30. Heroku app crashes after MongoDB updated to 3.0

Leave a Comment