git bibucket ssh_exchange_identification:读取:对等方重置连接
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/27690101/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
bibucket ssh_exchange_identification: read: Connection reset by peer
提问by dijxtra
I'm trying to setup a passwordless git connection to bitbucket. I'm using git bash on Windows Server 2008.
我正在尝试设置与 bitbucket 的无密码 git 连接。我在 Windows Server 2008 上使用 git bash。
Cloning over HTTPS works fine:
通过 HTTPS 克隆工作正常:
nskoric@P8-DEV /z/test
$ git clone https://[email protected]/nek-plan/gittest.git
Cloning into 'gittest'...
Password for 'https://[email protected]':
remote: Counting objects: 3, done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
Checking connectivity... done.
But, HTTPS is not acceptable because I need passwordless login. So I generated a private/public key pair, uploaded public key to bitbucket and set up Host/IdentitiyFile in .ssh/config. Then I tried connecting and failed.
但是,HTTPS 是不可接受的,因为我需要无密码登录。所以我生成了一个私钥/公钥对,将公钥上传到 bitbucket 并在 .ssh/config 中设置了 Host/IdentitiyFile。然后我尝试连接但失败了。
Port 22 is closed on my company firewall:
我公司的防火墙关闭了端口 22:
nskoric@P8-DEV /z/test
$ ssh [email protected] -vv
OpenSSH_6.6.1, OpenSSL 1.0.1i 6 Aug 2014
debug1: Reading configuration data /u/.ssh/config
debug1: /u/.ssh/config line 1: Applying options for *bitbucket.org
debug2: ssh_connect: needpriv 0
debug1: Connecting to bitbucket.org [131.103.20.168] port 22.
So, I'm using port 443, as per bitbucket documentation:
因此,根据 bitbucket 文档,我正在使用端口 443:
nskoric@P8-DEV /z/test
$ git clone ssh://[email protected]:443/nek-plan/gittest.git
Cloning into 'gittest'...
ssh_exchange_identification: read: Connection reset by peer
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I tried googling "bitbucket ssh_exchange_identification: read: Connection reset by peer", but it didn't help :-/ Then I tried debugging SSH connection, but this is farthest I got:
我尝试在谷歌上搜索“bitbucket ssh_exchange_identification: read: Connection reset by peer”,但没有帮助:-/然后我尝试调试 SSH 连接,但这是我得到的最远的:
nskoric@P8-DEV /z/test
$ ssh [email protected] -p 443 -vv
OpenSSH_6.6.1, OpenSSL 1.0.1i 6 Aug 2014
debug1: Reading configuration data /u/.ssh/config
debug1: /u/.ssh/config line 1: Applying options for *bitbucket.org
debug2: ssh_connect: needpriv 0
debug1: Connecting to altssh.bitbucket.org [131.103.20.174] port 443.
debug1: Connection established.
debug1: identity file /u/.ssh/bitbucketnek type 1
debug1: identity file /u/.ssh/bitbucketnek-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
ssh_exchange_identification: read: Connection reset by peer
So, SSH found the right identity file (/u/.ssh/bitbucketnek) and then died. Now, it would be really helpful if I could figure out if the problem is in my "bitbucketnek" private key, or is the problem in our company firewall, or something third. Any ideas?
所以,SSH 找到了正确的身份文件(/u/.ssh/bitbucketnek)然后就死了。现在,如果我能弄清楚问题是否出在我的“bitbucketnek”私钥中,或者是我们公司防火墙中的问题,还是第三个问题,那将非常有帮助。有任何想法吗?
Thanks!
谢谢!
回答by Eduardo La Hoz Miranda
As a helpful annotation, I had this case in a shared hosting environment, specifically GoDaddy, and the reason It gave me this error:
作为一个有用的注释,我在共享托管环境中遇到了这个案例,特别是 GoDaddy,以及它给我这个错误的原因:
ssh_exchange_identification: read: Connection reset by peer
Solution: my local machine's ip had been blocked by GoDaddy, so I had to contact their support, send them a screenshot of the error output from running:
解决方案:我本地机器的 ip 被 GoDaddy 屏蔽了,所以我不得不联系他们的支持,向他们发送运行错误输出的屏幕截图:
ssh -v user@domain
ssh -v 用户@域
, and also provide them with my ip. They noticed my ip had been in fact blocked, removed it, and problem solved.
,并提供他们我的ip。他们注意到我的 ip 实际上已被阻止,将其删除,问题解决了。
回答by Kenster
ssh_exchange_identification: read: Connection reset by peer
"Connection reset by peer" means the TCP connection was "abnormally closed" from the remote (server) side. "ssh_exchange_identification" means that it's happening during a phase where the client and server exchange software version strings. This happens before the client and server exchange host keys or try to authenticate. In other words, the remote end of the connection is dropping before any kind of key exchange or authentication has taken place.
“Connection reset by peer”是指 TCP 连接从远程(服务器)端“异常关闭”。“ssh_exchange_identification”意味着它发生在客户端和服务器交换软件版本字符串的阶段。这发生在客户端和服务器交换主机密钥或尝试进行身份验证之前。换句话说,在任何类型的密钥交换或身份验证发生之前,连接的远程端就已断开连接。
An abnormal close (connection reset) typically indicates that the server process exited without closing the connection, or it crashed, or that something like a firewall or load balancer is interfering with the connection. Normally I'd suggest to troubleshoot this on the server. But given this is bitbucket, it's probably safe to start with the assumption that their servers are working correctly. The likely alternative is that your traffic is going through a stateful firewall, or a load balancer, or a similar device within your network, and it's forcing the TCP stream closed for some reason.
异常关闭(连接重置)通常表示服务器进程在没有关闭连接的情况下退出,或者它崩溃了,或者防火墙或负载平衡器之类的东西正在干扰连接。通常我会建议在服务器上解决这个问题。但鉴于这是 bitbucket,假设他们的服务器正常工作可能是安全的。可能的替代方案是,您的流量正在通过有状态防火墙、负载平衡器或网络中的类似设备,并且出于某种原因迫使 TCP 流关闭。
I see you're trying to run SSH on port 443, probably following these instructions. Maybe your network engineers have blocked port 22 to the Internet? Maybe they're also doing packet inspection on port 443, and they're blocking traffic which doesn't look like HTTPS (HTTP over SSL).
我看到您正在尝试在端口 443 上运行 SSH,可能遵循这些说明。也许您的网络工程师阻止了 Internet 的 22 端口?也许他们也在端口 443 上进行数据包检查,并且他们正在阻止看起来不像 HTTPS(HTTP over SSL)的流量。
回答by Charles Roth
I've seen this happen when I tried to pull updates on 20 or so projects, via a script, one immediately after another. I suspect I ran into some kind of limit. Adding a 'sleep 10' after each pull seems to have solved the problem.
当我试图通过一个脚本一个接一个地拉取 20 个左右项目的更新时,我已经看到了这种情况。我怀疑我遇到了某种限制。每次拉动后添加“睡眠 10”似乎解决了问题。
回答by thomas
I can confirm this with an Atlassian Stash server accessed via a VPN using a script to 'git pull' lots of projects. For many of them I got a 'kex_exchange_identification: read: Connection reset by peer' error, which disappeared when inserting a 'sleep 5' between the pulls.
我可以使用通过 VPN 访问的 Atlassian Stash 服务器使用脚本“git pull”大量项目来确认这一点。对于他们中的许多人,我收到了“kex_exchange_identification: read: Connection reset by peer”错误,在两次拉动之间插入“sleep 5”时,该错误消失了。
