0

I am trying to get back into my remote server, having had my laptop stolen. So obviously the new machine does not have the same keys, etc.

I can log into my LAMP server fine via PuTTY. I have a bare git repository on the server to which I push my code from the laptop. I also deploy the code from that bare repo to the actual working directory (which happens to be on the same machine, for now).

My initial attempt to fetch from the remote repo failed with the usual self-signed certificate error.

The result of my research to date is that I need to have ssh keys set up for my git user on the server, which will be used to validate connection from my laptop.

So, following what I have been able to find so far, I have:

a) used ssh-keygen to generate a new public key and added that to my server git user's authorized_keys file.

b) used puttygen to load the existing (correct/working) PuTTY key, and to export that as a ssh public key which I have also added to my server git user's authorized_keys file.

I have made copies of both keys in a .ssh subdirectory off my main code directory (the one I run Git Bash from), as well as in a .ssh subdirectory in Program Files/Git.

Yet when I attempt my remote fetch/pull/push etc. actions, I still get the same Self-Signed Certificate error.

Dan Lowe
  • 51,713
  • 20
  • 123
  • 112
user3600150
  • 77
  • 9

1 Answers1

2

If you are cloning over HTTPS, then Git will only use certificates that are in its trust store. That is, the certificate needs to be signed by a Certificate Authority that git trusts.

Using SSH is another option to work around this problem - but if you are still getting certificate errors, then you are probably still trying to clone with an HTTPS URL. If you want to use SSH, then you want to use an SSH-style "URL", like git clone username@hostname.com:repositoryname.git.

So, you can either use SSH, or you can fix the trust problem with HTTPS. To fix the trust issue, you can do one of three things.

  1. Get a certificate from a CA for the hostname.
  2. Add your self-signed certificate to your trust store. This isn't entirely straight-forward with Git, and you'll have to do it on every machine that connects to the host, but it's possible.
  3. Ignore the HTTPS warning. You can do this with git config and setting http.sslVerify to false. This is the least-ideal solution - you may as well not use HTTPS at all and use plain HTTP.
vcsjones
  • 138,677
  • 31
  • 291
  • 286