我正在尝试配置某个 git repo 以使用特定的公钥/私钥进行身份验证。
这是在 ~/.ssh/config 里面
Host Repo
HostName bitbucket.org
User git
IdentityFile ~/.ssh/ynd
LogLevel DEBUG
这是尝试推送到 repo 时的日志
debug1: Connecting to bitbucket.org [104.192.143.1] port 22.
debug1: Connection established.
debug1: identity file /Users/evgenipetrov/.ssh/ynd type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/evgenipetrov/.ssh/ynd-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version conker_1.0.315-a08d059 app-134
debug1: no match: conker_1.0.315-a08d059 app-134
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr [email protected] none
debug1: kex: client->server aes128-ctr [email protected] none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /Users/evgenipetrov/.ssh/known_hosts:1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/evgenipetrov/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to bitbucket.org ([104.192.143.1]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LC_CTYPE = UTF-8
debug1: Sending command: git-receive-pack '[deleted]'
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
repository access denied.
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 3348, received 1736 bytes, in 0.4 seconds
Bytes per second: sent 9562.2, received 4958.2
debug1: Exit status 1
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
我可以看到它正在寻找身份,但是当服务器请求公钥认证时,它并没有使用它来认证。
我做错了什么?为什么 ssh 不使用配置文件中的 IdentityFile?
答案1
看起来,您的会话无法访问指定的密钥,并且它已恢复为默认密钥。并且它能够访问 bitbucket ,但是,您无法使用此密钥访问 repo,因此请使用该默认密钥 /Users/evgenipetrov/.ssh/id_rsa 查看 repo 权限
还要检查哪些 ssh-keys 已加载到 ssh-agent 中,并使用 ssh-add 加载缺失的 ssh-keys
答案2
LogLevel 调试很有帮助。我在我的.ssh/config
Host github.com
HostName github.com
UseKeychain yes
AddKeysToAgent yes
User git
IdentityFile ~/.ssh/id_ed25519
Host github.com-personal
UseKeychain yes
AddKeysToAgent yes
HostName github.com
User git
IdentityFile ~/.ssh/id_ed25519_personal
但尚未将ssh-add -K ~/.ssh/id_ed25519_personal
其添加到钥匙串以防止其回落到其他文件。
答案3
主机需要与您使用的 ssh 或 git clone 相匹配。
所以
ssh -vv Repo
那应该使用正确的密钥。
另外,为了便于阅读,请正确分配配置空间
Host Repo
HostName bitbucket.org
User git
IdentityFile ~/.ssh/ynd
LogLevel DEBUG
我也看到了这个
debug1: identity file /Users/evgenipetrov/.ssh/ynd type 1
debug1: key_load_public: No such file or directory
检查文件是否存在