This DNS resolution error occurs when Git cannot translate a hostname like github.com into an IP address. The issue is typically caused by network connectivity problems, misconfigured DNS settings, proxy interference, or firewall blocks on DNS traffic.
The "fatal: unable to access - Could not resolve host" error indicates that Git's attempt to connect to a remote repository failed at the most fundamental network level: DNS resolution. Before Git can establish a connection to github.com (or any remote host), your system must first translate that hostname into an IP address using the Domain Name System (DNS). When this lookup fails, Git cannot even begin the actual clone, push, or pull operation. The error is not specific to Git itself - it reflects a broader networking issue on your system that would affect any application trying to reach that hostname. This error commonly appears in several scenarios: - **Intermittent network issues**: Temporary network outages or unstable WiFi connections - **Corporate networks**: Proxy servers or firewalls blocking DNS traffic - **VPN interference**: VPN clients that override DNS settings or create routing conflicts - **WSL environments**: Windows Subsystem for Linux DNS configuration problems - **Docker containers**: Missing or incorrect DNS configuration inside containers - **Misconfigured /etc/resolv.conf**: Missing or incorrect nameserver entries on Linux systems
First, check if you have general internet connectivity and can resolve DNS:
Test internet connectivity:
# Test if you can reach the internet at all (uses IP, no DNS needed)
ping -c 4 8.8.8.8Test DNS resolution:
# Test if DNS is working
host github.com
# or
nslookup github.com
# or
dig github.comTest connectivity to GitHub:
ping -c 4 github.comIf ping 8.8.8.8 works but host github.com fails, you have a DNS problem. If even ping 8.8.8.8 fails, your network connection is down.
Incorrect proxy configuration is a common cause of this error. Check and clear proxy settings:
View current proxy settings:
git config --global --get http.proxy
git config --global --get https.proxyRemove proxy settings if they exist:
git config --global --unset http.proxy
git config --global --unset https.proxyAlso check for environment variables:
env | grep -i proxyIf you see HTTP_PROXY, HTTPS_PROXY, or similar variables, unset them temporarily:
unset HTTP_PROXY
unset HTTPS_PROXY
unset http_proxy
unset https_proxyThen try your Git command again.
On Linux, DNS settings are controlled by /etc/resolv.conf. Check and fix it:
View current DNS configuration:
cat /etc/resolv.confYou should see one or more nameserver entries. If the file is empty or contains only comments, add public DNS servers:
Add Google and Cloudflare DNS:
# Backup the existing file
sudo cp /etc/resolv.conf /etc/resolv.conf.backup
# Add working nameservers
echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf
echo "nameserver 1.1.1.1" | sudo tee -a /etc/resolv.confIf using NetworkManager, restart the network:
sudo systemctl restart NetworkManager
# or
sudo service network-manager restartNote: On some systems (like Ubuntu with systemd-resolved), you may need to configure DNS through /etc/systemd/resolved.conf instead.
WSL2 has known DNS issues. The auto-generated resolv.conf often points to the wrong nameserver:
Step 1: Disable auto-generation of resolv.conf
Create or edit /etc/wsl.conf:
sudo tee /etc/wsl.conf << EOF
[network]
generateResolvConf = false
EOFStep 2: Shutdown WSL completely from Windows:
# Run in Windows PowerShell or CMD
wsl --shutdownStep 3: Restart WSL and recreate resolv.conf:
# Remove the old symlink
sudo rm /etc/resolv.conf
# Create a new file with working DNS
sudo tee /etc/resolv.conf << EOF
nameserver 8.8.8.8
nameserver 1.1.1.1
EOFStep 4: Test:
ping github.com
git clone https://github.com/octocat/Hello-World.gitDNS uses port 53 (both TCP and UDP). Ensure it's not blocked:
On Linux with ufw:
# Check firewall status
sudo ufw status
# Ensure DNS is allowed (should be by default)
sudo ufw allow out 53On Linux with firewalld:
sudo firewall-cmd --list-all
sudo firewall-cmd --add-service=dns --permanent
sudo firewall-cmd --reloadOn Windows:
1. Open Windows Firewall (search "firewall" in Start menu)
2. Click "Allow an app or feature through Windows Firewall"
3. Ensure your Git client (Git Bash, Git GUI) is allowed
Check if your network/VPN is blocking DNS:
# Try using a specific DNS server directly
nslookup github.com 8.8.8.8If this works but regular nslookup github.com fails, your network's default DNS is the problem.
VPN clients often interfere with DNS resolution:
Temporary test - disconnect VPN:
1. Temporarily disconnect your VPN
2. Try the Git command again
3. If it works, your VPN is the cause
VPN DNS solutions:
- Use the VPN's DNS servers: Many VPNs require you to use their DNS for security. Check your VPN's documentation.
- Configure split DNS: Some VPN clients let you exclude certain domains from the VPN tunnel.
- Cisco AnyConnect specific fix:
# Check if VPN is overriding DNS
cat /etc/resolv.conf
# If it shows VPN DNS, you may need to manually add public DNSOn Windows, check if VPN is modifying adapter settings:
# View DNS servers for all adapters
Get-DnsClientServerAddressA bad entry in the hosts file can prevent DNS resolution:
On Linux/macOS:
cat /etc/hosts | grep -i githubOn Windows (run as Administrator):
Get-Content C:\Windows\System32\drivers\etc\hosts | Select-String githubIf you see any entries for github.com, remove them (unless you specifically added them for a reason):
On Linux/macOS:
sudo nano /etc/hosts
# Comment out or delete any github.com linesOn Windows:
1. Open Notepad as Administrator
2. Open C:\Windows\System32\drivers\etc\hosts
3. Remove or comment out any github.com entries
4. Save the file
Sometimes resetting the network stack resolves persistent DNS issues:
On Windows (run as Administrator):
# Reset TCP/IP stack
netsh int ip reset
# Reset Winsock
netsh winsock reset
# Flush DNS cache
ipconfig /flushdns
# Release and renew IP
ipconfig /release
ipconfig /renewRestart your computer after running these commands.
On macOS:
# Flush DNS cache
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponderOn Linux:
# Flush DNS cache (systemd-resolved)
sudo systemd-resolve --flush-caches
# Or restart the network
sudo systemctl restart NetworkManagerSimple fixes to try:
- Toggle your WiFi off and on
- Disconnect and reconnect your Ethernet cable
- Restart your router/modem
If HTTPS continues to have issues, switching to SSH may help as it uses a different network path:
Step 1: Generate an SSH key (if you don't have one):
ssh-keygen -t ed25519 -C "[email protected]"Step 2: Add the SSH key to your GitHub account:
# Copy the public key
cat ~/.ssh/id_ed25519.pubGo to GitHub Settings > SSH and GPG keys > New SSH key, and paste the key.
Step 3: Test SSH connectivity:
ssh -T [email protected]Step 4: Clone using SSH:
git clone [email protected]:username/repository.gitStep 5: Change existing remotes from HTTPS to SSH:
# View current remote
git remote -v
# Change from HTTPS to SSH
git remote set-url origin [email protected]:username/repository.gitUnderstanding the DNS resolution process:
When you run git clone https://github.com/user/repo.git, your system must:
1. Parse the URL and extract the hostname (github.com)
2. Query a DNS server to translate github.com to an IP address
3. Establish a TCP connection to that IP address on port 443 (HTTPS)
4. Perform the Git protocol operations
The "Could not resolve host" error means step 2 failed. The DNS query either:
- Never reached a DNS server (network issue)
- Reached a DNS server that didn't respond (server issue)
- Returned no results (domain doesn't exist or is blocked)
Diagnosing DNS issues with verbose output:
# See detailed DNS resolution
dig github.com +trace
# Check which DNS server is being used
dig github.com
# Test against a specific DNS server
dig @8.8.8.8 github.com
dig @1.1.1.1 github.comPermanent DNS configuration on different systems:
Ubuntu/Debian with systemd-resolved:
# Edit /etc/systemd/resolved.conf
[Resolve]
DNS=8.8.8.8 1.1.1.1
FallbackDNS=8.8.4.4 1.0.0.1
# Restart the service
sudo systemctl restart systemd-resolvedRHEL/CentOS with NetworkManager:
# Edit the connection
nmcli con mod "Connection Name" ipv4.dns "8.8.8.8 1.1.1.1"
nmcli con up "Connection Name"Docker containers with DNS issues:
If Git fails inside Docker containers but works on the host, add DNS to your container:
docker run --dns 8.8.8.8 your-imageOr in docker-compose.yml:
services:
app:
dns:
- 8.8.8.8
- 1.1.1.1Or configure Docker daemon-wide in /etc/docker/daemon.json:
{
"dns": ["8.8.8.8", "1.1.1.1"]
}Corporate network considerations:
In corporate environments, you may need to:
1. Use the company's internal DNS servers (ask IT)
2. Configure proxy settings for Git
3. Use SSH with a proxy (via ProxyCommand in ~/.ssh/config)
4. Request firewall exceptions for git operations
IPv6 considerations:
GitHub supports IPv6, but if your network has broken IPv6 connectivity, it can cause connection issues. Prefer IPv4:
# Force Git to use IPv4
git config --global http.version HTTP/1.1
# Or set in environment
export GIT_CURL_VERBOSE=1kex_exchange_identification: Connection closed by remote host
Connection closed by remote host when connecting to Git server
fatal: unable to access: Proxy auto-configuration failed
How to fix 'Proxy auto-configuration failed' in Git
fatal: unable to access: Authentication failed (proxy requires basic auth)
How to fix 'Authentication failed (proxy requires basic auth)' in Git
fatal: unable to access: no_proxy configuration not working
How to fix 'no_proxy configuration not working' in Git
fatal: unable to read tree object in treeless clone
How to fix 'unable to read tree object in treeless clone' in Git