我在本地gitlab实例上配置了一个gitlab项目,并且我的帐户设置了公钥。
奇怪的是,当我试图"git clone(…)"&;一个项目,我有一个客户端主机的正确权限,gitlab要求一个密码,即使它应该选择我的SSH密钥,无论在我的客户端SSH配置文件中配置什么。
git命令
git clone git@my_host.tld:username/project.git
Cloning into 'project'...
git@my_host.tld's password:
~/. ssh/config
Host my_host.tld
Hostname my_host.tld
IdentityFile /root/.ssh/gitlab_key
Preferredauthentications publickey
当我尝试使用常规命令ssh时,它可以工作:
ssh命令
ssh -vT -i .ssh/my_host.tld
debug1: Next authentication method: publickey
debug1: Offering RSA public key: .ssh/gitlab_key
debug1: Server accepts key: pkalg rsa-sha2-512 blen 535
debug1: Authentication succeeded (publickey).
Authenticated to my_host.tld ([XX.XX.XX.XX]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Remote: Forced command.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: PTY allocation disabled.
debug1: Remote: Forced command.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: PTY allocation disabled.
debug1: Sending environment.
debug1: Sending env LANG = xx_X.UTF-8
Welcome to GitLab, @username!
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 3600, received 3464 bytes, in 0.5 seconds
Bytes per second: sent 6808.3, received 6551.1
debug1: Exit status 0
我错过了什么?如何使git选择我的SSH密钥,而不是密码认证方法?
将我的评论扩展为一个答案:
您在发布的~/.ssh/config中指定/root/.ssh/gitlab_key。用户~/.ssh文件夹应该只有模式0700;这意味着只有用户可以访问文件夹或其中的任何内容。我在这里假设您以自己的身份运行这个命令,而不是以root用户,因为您不应该在日常工作中使用root用户。
至少,您需要更新您的~/.ssh/config以引用您自己的密钥—您的ssh -Tv命令使用的密钥:
Host my_host.tld
IdentityFile ~/.ssh/my_host.tld