praveen-palanisamy/git-ssh-command-ado-pull.md

## git-ssh-command-ado-pull.md

      
    Raw
  

              git-ssh-command-ado-pull.md
            
          
    Sometimes git clone/pull using SSH keys would fail with the following message even when the SSH keypair is setup on the server:
Unable to negotiate with <GIT_SERVER_IP> port 22: no matching host key type found. Their offer: ssh-rsa
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

The resolution is to ask git to use the the following SSH options:
GIT_SSH_COMMAND="ssh -vvv -oHostKeyAlgorithms=+ssh-rsa -oIdentityFile=~/.ssh/id_rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa"
Explanation of arguments:


(optional) -vvv: Very very verbose. Prints out lots of details as the SSH connection is made


-oHostKeyAlgorithms=+ssh-rsa: Use ssh-rsa during handshakes with the server


-oIdentityFile=: Path to the private SSH key for authentication


-oPubkeyAcceptedKeyTypes=ssh-rsa: Allow ssh-rsa


Examples:
Azure Dev Ops (ADO) repo using SSH-RSA key pair

Clone : GIT_SSH_COMMAND="ssh -vvv -oHostKeyAlgorithms=+ssh-rsa -oIdentityFile=~/.ssh/id_rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa" git clone sshuser@vs-ssh.visualstudio.com:v3/Org/Project/Repo
Pull: GIT_SSH_COMMAND="ssh -vvv -oHostKeyAlgorithms=+ssh-rsa -oIdentityFile=~/.ssh/id_rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa" git pull

Alternatives

You can also update your SSH config file to set the aboce options by default for this Git remote. On Linux, add the following to ~/.ssh/config file:
Host gitserver1
    HostName vs-ssh.visualstudio.com
    User bizair
    IdentityFile ~/.ssh/id_rsa
    HostkeyAlgorithms +ssh-rsa
    PubkeyAcceptedAlgorithms +ssh-rsa