Git Clone Error: gnutls_handshake() failed: Decryption has failed [How to Solve]

The system is Ubuntu (kylin) 20.04 and git version 2.25.

Clone error

The following error is reported when the GIT clone the warehouse on the GitHub,

fatal: cannot access' ': gnutls_handshake() failed: Decryption has failed.

Repeated many times.

Simple try

Most of the failures of GIT clone are network problems, especially when using GitHub.

First try the proxy, http_ proxy´╝îhttps_ Proxy, GIT config, http.proxy and other commonly used methods have been tried, and even the hack method of proxychains has been tried, but the results are not good. Instant confidence is gone.

Things are different this time.



There are two methods to recompile. One is to use the script provided by the boss [1]. The second is to use the source code in apt to compile and package DEB by myself. I refer to [2] [3] two tutorials. The general method is

1. Open source

2. Get the source code apt source git , and modify libcurl4 gnutls dev in Debian/control file to libcurl4 OpenSSL dev.

3. Install the compilation environment, sudo apt get build dep git

4. Compile dpkg buildpackage - B, after a long compilation and a complete set of tests, several Debs are finally packaged. (there are still a few mistakes, regardless)

5. Install the packaged DEB, dpkg - I Git_xxx.deb

Finally, it’s done. Git clone is very slow, but no decryption error is reported. The proxy is set successfully. The last step, apt mark hold git, prevents git from being automatically updated. That’s it.


The specific cause of the error has not been thoroughly studied, and it looks more complex. Therefore, a workaround was taken and recorded here. Thank all the original authors.

First update

1. It has been verified that git in livecd (Ubuntu kylin 20.04 Pro) still has this bug. In Galaxy Kirin V10 Sp1 livecd, the installed git also has this bug

2. The GIT of desktop (Intel processor) virtual machine and livecd is normal, so it is suspected that it is a hardware problem

3. Gitee does not have this problem

It is speculated that it is a hardware problem, or even a problem with the CPU instruction set. The bottom layer of TLS uses AES algorithm, and there are related instruction sets in CPU. Gitee has no problem, probably because it uses TLS 1.2 and GitHub is TLS 1.3.

Similar Posts: