Symptoms
-
Git server uses SSH with non-standard port (not 22);
-
Pulling updates from remote git repository in Domains > example.com > Git > Pull updates completes with error in Plesk UI:
PLESK_ERROR: Public key for the server at ‘git.example.com:32301’ is already known in ‘/var/www/vhosts/example.com/.ssh/git_known_hosts_with_port_32301’.
No ECDSA host key is known for [git.example.com]:32301 and you have requested strict checking. Host key verification failed. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. - Installing an application via composer may fail with the following:
Failed to retrieve data for the package 'user/former': Failed to clone the [email protected]:user/l5-google-cloud-storage.git repository, try running in interactive mode so that you can enter your GitHub credentials [RuntimeException] Failed to execute git clone --mirror '[email protected]:user/l5-google-cloud-storage.git' '/.composer/cache/vcs/git-github.com-hillelcoren-l5-google-cloud-storage.git/' Host key verification failed. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
-
Server key was modified on the git server.
Cause
Git extension bug with ID #EXTGIT-62 , which is planned to be fixed in future updates.
Resolution
Note: if you don’t have administrative access to Plesk server via SSH or RDP, contact your hosting provider regarding the issue
Connect to the server via SSH / RDP and perform the following:
Workaround 1:
-
Flush the
known_hosts
file for the git server’s port via the command:# > /var/www/vhosts/example.com/.ssh/git_known_hosts_with_port_32301
Warning: Modified server key might mean that man-in-the-middle attack is performed on the client.
-
Navigate to Domains > example.com > Git ;
-
Try adding repo/pulling updates again.
Workaround 2:
-
Connect to Git repo with the command to add ECDSA fingerprint to /root/.ssh:
# ssh -vvvv [email protected] -p 32301 -i /var/www/vhosts/example.com/.ssh/id_rsa
…
ECDSA key fingerprint is SHA256:212235gdfgdbnDEDdf1234566<sddd>
… -
Add the ECDSA fingerprint in the corresponding file under domain vhost:
# cat /root/.ssh/known_hosts >> /var/www/vhosts/example.com/.ssh/git_known_hosts_with_port_32301
-
Navigate to Domains > example.com > Git ;
-
Try adding repo/pulling updates again.
Note: In case the error “Failed to gather public SSH host key
” appears, a custom fix from the following Knowledge Base article must be applied on the server: Unable to add remote git repository with ssh key via Plesk git extension: Could not read from remote repository .