我有多个 GitLab 帐户,我正在尝试设置 SSH 身份验证。我已生成密钥对并保存在~/.ssh/public/proj1[2]/id_rsa.pub
,~/.ssh/private/proj1[2]/id_rsa
如下~/.ssh/config
所示
Host proj1
HostName gitlab.com
AddKeysToAgent yes
UseKeychain yes
User git
IdentityFile ~/.ssh/private/proj1/id_rsa
Host proj2
HostName gitlab.com
AddKeysToAgent yes
UseKeychain yes
User git
IdentityFile ~/.ssh/private/proj2/id_rsa
现在,当我尝试从 proj1 克隆存储库时,
git clone git@proj1:user_and_stuff.git
我收到错误消息,提示我没有足够的权限。我-vv
在 git 的 ssh 中启用了该标志,它首先正确识别了密钥
debug1: Reading configuration data /Users/user/.ssh/config
debug1: /Users/user/.ssh/config line 1: Applying options for proj1
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to gitlab.com port 22.
debug1: Connection established.
debug1: identity file /Users/user/.ssh/private/proj1/id_rsa type -1
debug1: identity file /Users/user/.ssh/private/proj1/id_rsa-cert type -1
但几行之后突然出现
debug1: Will attempt key: /Users/user/.ssh/private/proj2/id_rsa RSA SHA256:fp agent
debug1: Will attempt key: unrelated_key1 RSA SHA256:fp agent
debug1: Will attempt key: unrelated_key2 RSA SHA256:fp agent
debug1: Will attempt key: /Users/user/.ssh/private/proj1/id_rsa explicit
它首先提供了错误的密钥,但由于 proj2 也是一个 gitlab 帐户,因此它成功通过了身份验证。这当然会产生权限错误,因为它在使用 proj2 的密钥进行身份验证时尝试克隆 proj1。
有什么建议吗?我正在使用 mac OS。
答案1
看来 mac ssh 代理无法将特定密钥用于特定服务器。我们通过从代理中删除所有密钥 并 从条目中ssh-add -D
删除行来 解决这个问题,以防止将密钥添加到代理中。AddKeysToAgent yes
~/.ssh/config