Comments (4)
any update on this?
from git-server-docker.
So sorry for the delay, these warnings are due to openssh version changed from 7.3 to 7.4 and some crypto features have be deprecated for security reasons:
Future deprecation notice
We plan on retiring more legacy cryptography in future releases,
specifically:
In approximately August 2017, removing remaining support for the
SSH v.1 protocol (client-only and currently compile-time disabled).In the same release, removing support for Blowfish and RC4 ciphers
and the RIPE-MD160 HMAC. (These are currently run-time disabled).Refusing all RSA keys smaller than 1024 bits (the current minimum
is 768 bits)The next release of OpenSSH will remove support for running sshd(8)
with privilege separation disabled.The next release of portable OpenSSH will remove support for
OpenSSL version prior to 1.0.1.This list reflects our current intentions, but please check the final
release notes for future releases.
Link: https://www.openssh.com/txt/release-7.4
Don't worry, this is no problem for us, because these options are not used in git-server-docker.
....
# Kerberos options
KerberosAuthentication no
....
# GSSAPI options
GSSAPIAuthentication no
Yet, I will fix it soon and I will inform by here.
Thanks for comments!!
from git-server-docker.
Ok, this issue was fixed, I commented above config lines.
For update your container, if you downloaded the image by docker-compose, only type:
docker-compose pull
docker-compose up -d
You can check everything is ok typing:
docker-compose logs -t
No warnings must appear now.
from git-server-docker.
When you try next "git pull" or similar interaction with server, maybe you will get next warning:
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle attack)!
> It is also possible that a host key has just been changed.
> The fingerprint for the ECDSA key sent by the remote host is
> .....
> Please contact your system administrator.
> Add correct host key in ...../.ssh/known_hosts to get rid of this message.
> Offending ECDSA key in ...../.ssh/known_hosts:**XX**
> ECDSA host key for [**IP/DOMAIN**]:2222 has changed and you have requested strict checking.
> Host key verification failed.
> fatal: Could not read from remote repository.
>
> Please make sure you have the correct access rights
> and the repository exists.
This is due to recreating of the ssh-keys in container. To fix it, in your client, remove the line XX in ~/.ssh/known_hosts or type:
ssh-keygen -R <ip>:<port>
For next updates, I will try to generate the server keys in the keys volume and only if they not exist. Therefore, next image updates (pulls) won't must affect this keys and known_host issue will be fix it.
from git-server-docker.
Related Issues (20)
- Closed repository
- Key in authorized_keys HOT 1
- How to access certain branch of a repo
- Every container started with this image has the same key HOT 2
- Docker build fails on ARMv7.
- Public keys must have EOF char
- Feature Request: Support for cookie-based auth
- What is the user@host? HOT 1
- Add support for git lfs (and maybe upgrade to Alpine 3.7)
- Troubleshooting help pls for "repo does not exist" HOT 1
- Add bash and curl
- Files on server?
- SCP dooesn't work
- Abandoned Project? HOT 1
- Restart of docker container needed after adding key HOT 2
- [solved] permission Error when trying to do: git push HOT 5
- Enhance Readme HOT 1
- What type of Licence is used? HOT 1
- Problems to connect with TortoiseGit Windows HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from git-server-docker.