我的公司已经转移到一个新的GITHUB存储库。在我的Linux开发服务器上,我试图连接到新的git存储库以克隆它。我有一个部署工具,可以从git存储库中获取软件并自动部署。
然而,我与新存储库的新连接不起作用
$ git clone https://githubxxxxx.com/xxxxxxx/myrepo.git
Cloning into 'myrepo'...
fatal: unable to access 'https://githubxxxxx.com/xxxxxxx/myrepo.git/': Peer's certificate issuer has been marked as not trusted by the user.
我想我已经做了我想做的一切:
- 我为SSH创建了一个新密钥
- 我将密钥存储在GIT存储库中
我对我的笔记本电脑做了同样的程序,结果成功了。
如果我更改sslVerify 的全局属性
git config --global http.sslVerify false
然后我可以连接和克隆,但每次都必须输入用户和密码,这是没有意义的。
有人知道我有没有错过任何一步吗?还有其他全局变量需要我设置吗?
如果我对存储库执行ssh -v,我会发现我可以进行身份验证。
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ftpfdm/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug1: Authentication succeeded (publickey).
Authenticated to githubxxxxx.com (via proxy).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: proc
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
PTY allocation request failed on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi x329097! You've successfully authenticated, but GitHub does not provide shell access.
debug1: channel 0: free: client-session, nchannels 1
Connection to githubxxxxx.com closed.
更新
如果我尝试使用ssh,我会通过远程主机关闭连接
$ git clone ssh://githubxxxxx.com:mygroup/myrepo.git
Cloning into 'myrepo'...
ssh_exchange_identification: Connection closed by remote host
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
新更新
这反而有效。有人知道为什么它以这种方式工作而不与ssh://一起工作吗?实际上它是通过ssh进行克隆的。我正要发布解决方案作为答案,但我认为这是不对的,因为我不知道为什么这种方式有效。
git clone git@githubxxxxx.com:group/myrepo.git
Peer的证书颁发者已被标记为不受用户信任。
这纯粹是HTTPS问题,与SSH无关。
你需要做:
-
获取远程GitHub服务器的证书
-
将其保存为文件
/home/<me>/ghe.pem(用用户登录名替换<me>( -
参考:
git config --global http."https://githubxxxxx.com/".sslcainfo ${HOME}/ghe.pem
如果使用SSH URL,则始终需要使用远程用户"git",这就是git@githubxxxxx.com:group/myrepo.git工作的原因。