
Git Keeps Building on my 'known_hosts' File For Every Push


I created a local git repository that I want to push on to both Github and also Amazon's CodeCommit.

I set up two remotes and named them accordingly:

git remote add github git@github.com:mygit/myrepo.git

and

git remote add codecommit ssh://git-codecommit.us-west-2.amazonaws.com/v1/repos/myrepo

The Github repo works fine. The CodeCommit repo works, but every time I run a push with:

git push -u codecommit master

it adds on to my '~/.ssh/known_hosts' file for every single push. If I continue I will have a million entries in my 'known_hosts' file.

The only difference I can see is the formatting on CodeCommit remote link, which is slightly different than the Github format, as shown above. When you create a repo on CodeCommit, it provides a remote link:

git clone ssh://git-codecommit.us-west-2.amazonaws.com/v1/repos/myrepo

Since I am pushing a local git repo on to CodeCommit, I removed the 'git clone' portion and replaced it with:

git remote add codecommit ssh://git-codecommit.us-west-2.amazonaws.com/v1/repos/myrepo

CodeCommit also requires that you create a '~/.ssh/config' file with:

Host git-codecommit.*.amazonaws.com
  User Your-IAM-SSH-Key-ID-Here
  IdentityFile ~/.ssh/Your-Private-Key-File-Name-Here

I created this file as instructed.

Anyone run into this issue while using two remotes: Github and CodeCommit?


Solution

  • It is probable that CodeCommit is behind a load balancer, and each node has its own SSH host key. As you hit different nodes, they are presenting you with their own host key, which your ssh client is caching in known_hosts.

    You can just ignore this, but if you prefer not to have the keys accumulating, you can opt to ignore caching for this remote.

    In ~/.ssh/config, just add a couple of parameters to the entry you have already added.

    Host git-codecommit.*.amazonaws.com
      User Your-IAM-SSH-Key-ID-Here
      IdentityFile ~/.ssh/Your-Private-Key-File-Name-Here
      UserKnownHostsFile /dev/null
      CheckHostIP no
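
An added example, not part of the original answer: a small shell check that groups `known_hosts` entries by host key, to show whether the file is accumulating different keys or one key recorded under many names and addresses. The sample entries and key strings are constructed, and the function names are this example's own.

```shell
#!/usr/bin/env bash
# Group known_hosts entries by host key to see what is actually accumulating.

# One line per distinct key: "<entries> <keytype> <last 16 chars of key> <names>"
keys_by_count() {
  awk '
    /^[ \t]*(#|$)/ { next }                    # skip comments and blank lines
    {
      i = ($1 ~ /^@/) ? 2 : 1                  # skip @cert-authority / @revoked marker
      k = $(i+1) " " $(i+2)                    # key type + base64 key
      n[k]++
      h[k] = h[k] (h[k] ? "," : "") $i         # names/addresses (may be hashed)
    }
    END {
      for (k in n) {
        split(k, p, " ")
        print n[k], p[1], substr(p[2], length(p[2]) - 15), h[k]
      }
    }
  ' "$1" | sort -rn
}

# Number of distinct host keys in the file.
distinct_keys() { keys_by_count "$1" | wc -l | tr -d ' '; }

# Constructed sample: one key stored under a hostname and three addresses,
# plus an unrelated host. The key strings are placeholders, not real keys.
write_sample() {
  cat > "$1" <<'EOF'
# constructed sample known_hosts
git-codecommit.us-west-2.amazonaws.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDKEYAAA1
192.0.2.10 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDKEYAAA1
192.0.2.11 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDKEYAAA1
192.0.2.12 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDKEYAAA1
github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5CONSTRUCTEDKEYBBB2
EOF
}

sample=$(mktemp)
write_sample "$sample"
keys_by_count "$sample"
echo "distinct keys: $(distinct_keys "$sample")"
rm -f "$sample"
```

Run `keys_by_count ~/.ssh/known_hosts` against the real file to see which case applies. With `UserKnownHostsFile /dev/null` no host key is remembered between connections, so a later key change for that host goes unnoticed; when the output shows a single key under many addresses, `CheckHostIP no` alone stops the per-address entries while keeping host key verification.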