Gnutls_Handshake() Failed: Handshake Failed Git

fatal: unable to access .....: gnutls_handshake() failed: Handshake failed

This error means that Git cannot establish a secure connection to the server you're trying to use. Your version of Git uses the GnuTLS library to set up TLS (encrypted) connections, and for some reason that setup process is failing.

This could be for a couple of reasons. One is that your server (which one you haven't mentioned) is using an incompatible set of cipher suites or TLS versions, and there's no encryption algorithms in common that can be chosen. It's also possible that you have someone tampering with the connection via a MITM device.

The version of Git and GnuTLS you're using should work just fine with most standard servers. Re-installing it won't help. You can try upgrading to a newer version of Debian, or you can try building Git yourself against a version of libcurl using OpenSSL. You can also just switch to SSH-based remotes, which will avoid this incompatibility altogether.

gnutls_handshake() failed: Handshake failed GIT

The quickest solution is to use SSH instead of HTTPS. I tried other ways to fix the issue but it was not working.

The following are steps to replace HTTPS from SSH:

1. Generate ssh key using ssh-keygen on the server.

2. Copy the public key from the generated id_rsa.pub file from step 1 and add it at following links depending on the repository host -

   Bitbucket - https://bitbucket.org/account/settings/ssh-keys/

   Github - https://github.com/settings/ssh/new

   Gitlab - https://gitlab.com/profile/keys

3. Now run the following command to test authentication from the server command line terminal

   Bitbucket
   

   ssh -T git@bitbucket.org

   Github
   

   ssh -T git@github.com

   Gitlab
   

   ssh -T git@gitlab.com

4. Go to the repo directory and open .git/config file using emac or vi or nano

5. Replace remote "origin" URL (which starts with https) with the following -

   For Bitbucket - git@bitbucket.org:<username>/<repo>.git

   For Github - git@github.com:<username>/<repo>.git

   For Gitlab - git@gitlab.com:<username>/<repo>.git

error: gnutls_handshake() failed GIT repository

It could be used to a GnuTLs or pycurl bug

The following is the new method for pycurl_7.19.0-4ubuntu3:

sudo apt-get install build-essential fakeroot dpkg-dev
mkdir ~/python-pycurl-openssl
cd ~/python-pycurl-openssl
sudo apt-get source python-pycurl
sudo apt-get build-dep python-pycurl
sudo apt-get install libcurl4-openssl-dev
sudo dpkg-source -x pycurl_7.19.0-4ubuntu3.dsc
cd pycurl-7.19.0
# remove the HAVE_CURL_GNUTLS=1 in the following file
sudo vim debian/patches/10_setup.py.dpatch
# remove the HAVE_CURL_GNUTLS=1 in the following file
sudo vim setup.py
# replace all gnutls into openssl in the following file
sudo vim debian/control
sudo dpkg-buildpackage -rfakeroot -b
sudo dpkg -i ../python-pycurl_7.19.0-4ubuntu3_amd64.deb

git clone error: gnutls_handshake() failed: An unexpected TLS packet was received

Finally found the answer. It seems that I have to do:

git config --global http.proxy http://<my_proxy>:<my_port>
git config --global https.proxy https://<my_proxy>:<my_port>

Spent quick some time on this but luckily it works in the end. I thought this would be hard to fix but it turns out to be some commands that I never did before on Ubuntu 16.04.

Git: gnutls_handshake() failed: Error in the pull function

My server is behind a proxy and I got the same error, I solved this modifying ~/.gitconfig adding the proxy conf:

[http]
    proxy = http://xxx.xxx.xxx.xxx:pppp

gnutls handshake failed over git clone

Access denied due to proxy issuse, possible solution

1. Clone the repository from outside firewall
2. Clone the repository using ssh instead of https

SSH

Step 1. Set up your default identity

1. Open Terminal (Ctrl + Alt + T) and enter the following command to set up your default identity
   ssh-keygen

   Eg:

thirumal@thirumal:~/git$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/thirumal/.ssh/id_rsa): 

2. Press enter to accept the default key and path, /c/Users//.ssh/id_rsa.
3. Enter and re-enter a passphrase when prompted.The command creates your default identity with its public and private keys. The whole interaction looks similar to this:

Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/thirumal/.ssh/id_rsa
Your public key has been saved in /home/thirumal/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:h4xKiyvxzOWkeXcwxmkAYSZ9AsDOikB14+vgzpTnjPs thirumal@thirumal
The key's randomart image is:
+---[RSA 3072]----+
|*o=o o           |
| *+ + .          |
|+  + .           |
|.o  . .o .       |
|+  ..+..S .      |
|+ .o*oB  .       |
| =.Xo= o         |
|. X.B . .        |
| ..*oE .         |
+----[SHA256]-----+

Step 2 Add the public key to your Account settings

1. Copy your public key using the following command
   cat ~/.ssh/id_rsa.pub
2. Add it to your account
3. Return to your terminal and clone the repository using ssh git@github.com:M-Thirumal/installation_guide.git

git error: gnutls_handshake() failed on push

It seems there is a problem with the gnutls package. As a workaround, you can try to compile git with openssl. More info on how to accomplish this you can find here.

jenkins gnutls_handshake() failed: Handshake failed

The issue seems to be upstream (I have hit the same snag this morning trying to update one of my jenkins installls).

You could use wget and dpkg to fetch and install the deb package:

wget https://pkg.jenkins.io/debian-stable/binary/jenkins_2.235.5_all.deb && sudo dpkg -i jenkins_2.235.5_all.deb

Which will get you Jenkins installed.

---

Related Topics