git gitolite:可以通过 ssh 连接,不能克隆
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/9339272/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
gitolite: can connect via ssh, can't clone
提问by steve
I installed gitolite on my server using this tutorial. This falls under the "non-root" method.
我使用本教程在我的服务器上安装了 gitolite 。这属于“非根”方法。
It fails when I try to clone gitolite-admin back to my client. I get this error message:
当我尝试将 gitolite-admin 克隆回我的客户端时,它失败了。我收到此错误消息:
git clone [email protected]:gitolite-admin
Cloning into gitolite-admin...
fatal: The remote end hung up unexpectedly
Also:
还:
git clone ssh://[email protected]:gitolite-admin
Cloning into gitolite0admin...
Using username "git-upload-pack 'gitolite".
fatal: The remote end hung up unexpectedly
I have also tried appending .gitto the end of the repo name, and I have also tried adding repositories/gitolite-admin(suggested by the errors in the tutorial linked above) and a combination of both of these and none work. I can find no results on google regarding the "Using username" bit, which intrigues me.
我也试过附加.git到 repo 名称的末尾,我也试过添加repositories/gitolite-admin(由上面链接的教程中的错误提示)以及这两者的组合,但都不起作用。我在谷歌上找不到关于“使用用户名”位的结果,这让我很感兴趣。
I can connect to the machine via ssh, and it tells me that I have access to R and W gitolite-admin. So, SSH is working?
我可以通过 ssh 连接到机器,它告诉我我可以访问 R 和 W gitolite-admin。那么,SSH 有效吗?
回答by VonC
Check the ssh parts about gitolite: the fact that you can connect to server.comthrough sshonly means:
检查有关 gitolite的 ssh部分:您只能server.com通过以下ssh方式连接的事实:
- your ssh key is registered in
server.com@~/.ssh/authorized_keys - that key isn't related to gitolite 'there is no "
command=" option, which means "regardless of what the incoming user is asking to do, forcibly run this command instead").
You are in an interactive session, able to execute any command you like.
- 您的 ssh 密钥已注册在
server.com@~/.ssh/authorized_keys - 该密钥与 gitolite 无关'没有“
command=”选项,这意味着“无论传入的用户要求做什么,都强制运行此命令”)。
您处于交互式会话中,能够执行您喜欢的任何命令。
What I don't like at all about the third-party tutorial is that it tries using the same name for git user and ssh non-root user
我不喜欢第三方教程的一点是它尝试对 git 用户和 ssh 非 root 用户使用相同的名称
You should keep separate:
你应该分开:
- the non-root user(which isn't an account, just an ssh key, which will be linked to gitolite, with admin privileges to the
gitolite-adminrepo) - the hosting account, which should be '
git', notgitolite, precisely to avoid confusion between the two usage mode:git(log on directly onserver.com, no ssh here): interactive session needed to execute git command (like cloning on the server the gitolite repo, and executinggitolite/src/gl-system-install)ssh [email protected]which will use your~/.ssh/id_rsa(.pub)public and private keys, which, being the ones of the gitolite, will authorize you to clone thegitolite-adminrepo and push back that repo
- 非 root 用户(不是帐户,只是一个 ssh 密钥,它将链接到 gitolite,具有对
gitolite-adminrepo 的管理员权限) - 托管帐户,应该是“
git”,而不是gitolite,正是为了 避免两种使用模式之间的混淆:git(直接server.com登录,这里没有 ssh):执行 git 命令所需的交互式会话(如在服务器上克隆 gitolite repo,并执行gitolite/src/gl-system-install)ssh [email protected]它将使用您的~/.ssh/id_rsa(.pub)公钥和私钥,即 gitolite的公钥和私钥,将授权您克隆gitolite-admin回购并推回该回购
Again:
'gitolite' is not a true account, only a name authorized to execute commands on server.comas 'git'(the actual "hosting account", as in "hosting git services and repos").
All the other git users will also execute git commands on server.comas git.
And that particular user (gitolite) will be linked to gitolite authorization layer through the forced-command mechanism, with privileges setup during the gitolite installation in order to grant that 'user' rights to clone, modify and push back gitolite-adminrepo.
(That is its only particularity compared to all the other ssh git users you will add: they won't have access to that specific git repo which is the gitolite-adminone)
再次
强调server.comgit:'gitolite' 不是真正的帐户,只是一个被授权在' '上执行命令的名称(实际的“托管帐户”,如“托管 git 服务和存储库”)。
所有其他 git 用户也将在server.comas上执行 git 命令git。
并且该特定用户 ( gitolite) 将通过强制命令机制链接到 gitolite 授权层,并在 gitolite 安装期间设置权限,以授予该“用户”克隆、修改和推回gitolite-adminrepo的权限。
(与您将添加的所有其他 ssh git 用户相比,这是它唯一的特殊性:他们不会gitolite-admin
Trying to name the two with the same name is just asking for trouble.
试图用相同的名字命名两者只是自找麻烦。
I don't like using the default naming convention for the public/private keys, so I prefer on the client defining those keys with the name of the intended user:
我不喜欢对公钥/私钥使用默认命名约定,因此我更喜欢在客户端上使用预期用户的名称定义这些密钥:
~/.ssh/gitolite.pub
~/.ssh/gitolite
Then I define a config file: ~/.ssh/configwith in it:
然后我定义一个配置文件:~/.ssh/config在其中:
host gitolite
user git
hostname server.com
identityfile ~/.ssh/gitolite
(Note the user here: always git)
Then I can clone my gitolite-aminrepo:
(注意这里的用户:始终git)
然后我可以克隆我的gitolite-amin仓库:
git clone gitolite:gitolite-admin
# modify locally
# git add -A ; git commit -m "my modifs"
git push origin master
回答by Yuriy Gettya
For posterity, the fix is to make sure that GIT_SSH is notset to TortoisePlink.exe. Git can't use it.
对于后代,修复方法是确保 GIT_SSH未设置为 TortoisePlink.exe。Git无法使用它。
