When working with Git and GitHub, you might encounter a situation where you receive an error message similar to this:
The authenticity of host 'github.com (220.127.116.11)' can't be established. RSA key fingerprint is SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8. Are you sure you want to continue connecting (yes/no)?
This error occurs when you're trying to connect to GitHub, but your local machine doesn't have a trusted certificate for the host. In this guide, we'll walk you through the process of resolving this issue step-by-step.
Table of Contents
- Understanding the Issue
- Step 1: Confirm the RSA Key Fingerprint
- Step 2: Add GitHub to the List of Known Hosts
- Step 3: Verify the Connection
Understanding the Issue
The error message is actually a security feature designed to protect you from man-in-the-middle attacks. When you connect to a remote server for the first time, your machine doesn't have any information about the server's public key. The message is a prompt for you to confirm that you trust the remote server's public key.
Step 1: Confirm the RSA Key Fingerprint
Before proceeding, it's essential to verify the RSA key fingerprint in the error message. Compare the fingerprint in the message with GitHub's official RSA key fingerprint:
If the fingerprints match, you can safely proceed to the next step. If they don't match, there might be a security issue, and you should contact GitHub Support for assistance.
Step 2: Add GitHub to the List of Known Hosts
To resolve the error, you need to add GitHub's public key to your machine's list of known hosts. This will establish trust between your machine and the GitHub server.
When prompted with the error message, type
yes and hit
Are you sure you want to continue connecting (yes/no)? yes
This will add GitHub's public key to the
known_hosts file, which is usually located in the
Step 3: Verify the Connection
After adding GitHub to the list of known hosts, try connecting to GitHub again. You can use the following command:
ssh -T [email protected]
If the connection is successful, you should see a message similar to this:
Hi username! You've successfully authenticated, but GitHub does not provide shell access.
Congratulations! You've resolved the 'authenticity of host can't be established' issue.
1. What is the
known_hosts file is a plain-text file used by SSH to keep track of the public keys of remote servers. It is typically located in the
~/.ssh directory on your local machine.
2. What is an RSA key fingerprint?
An RSA key fingerprint is a short, unique identifier for an RSA public key. It is generated by applying a cryptographic hash function to the public key.
3. Can I trust the RSA key fingerprint provided in the error message?
Yes, but only if it matches GitHub's official RSA key fingerprint.
4. What if the RSA key fingerprint doesn't match?
If the fingerprint doesn't match, there might be a security issue, and you should contact GitHub Support for assistance.
5. How can I prevent this issue in the future?
Once you've added GitHub's public key to your machine's list of known hosts, you shouldn't encounter this issue again. However, if you encounter the issue on a different machine or for a different host, you'll need to follow the same process to resolve it.