如何为每个 git 存储库管理一个唯一的密钥?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/22768517/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to manage one only key per each git repository?
提问by diegoaguilar
I use git under two scenarios:
我在两种情况下使用 git:
- I use some Githubrepositories.
- I'm currently working with OpenShift, which uses sshand gitfor deployment.
- 我使用了一些Github存储库。
- 我目前正在使用 OpenShift,它使用ssh和git进行部署。
First, I used ssh-keygenfor generating a key which updated at OpenShift site. Such key is stored at ~/.ssh/and created id_rsaand id_rsa.pub.
首先,我用于ssh-keygen生成在 OpenShift 站点上更新的密钥。这样的密钥存储在~/.ssh/和创建id_rsa和id_rsa.pub。
Then I started cloning a repository from Github, I once did ssh-keygenagain and started pushing, it worked ok. Then I cloned another repository and started having problems:
然后我开始从 Github 克隆一个存储库,我再次这样做ssh-keygen并开始推送,它工作正常。然后我克隆了另一个存储库并开始遇到问题:
I got problems when cloning to the second repository. Every time I try to push will show something like:
克隆到第二个存储库时遇到问题。每次我尝试推送时都会显示如下内容:
ERROR: Permission to diegoaguilar/cursoJava.git denied to diegoaguilar/cursoCannibalCreatures. fatal: The remote end hung up unexpectedly
ERROR: Permission to diegoaguilar/cursoJava.git denied to diegoaguilar/cursoCannibalCreatures. fatal: The remote end hung up unexpectedly
But as it can be seen diegoaguilar/cursoCannibalCreaturesisn't correct as it's anotherrepository.
但可以看出这diegoaguilar/cursoCannibalCreatures是不正确的,因为它是另一个存储库。
I even tried removing such repository directory, and cloning it again, same happened.
我什至尝试删除这样的存储库目录,然后再次克隆它,同样发生了。
I already got under ~/.ssh:
我已经得到了~/.ssh:
config:
config:
Host cursoJava
Hostname github.com
User git
IdentityFile ~/.ssh/id_java
Host cursoCannibalCreatures
Hostname github.com
User git
IdentityFile ~/.ssh/id_cannibal
Host openshift
Hostname openshift.com
User git
IdentityFile ~/.ssh/openshift
And so got:
于是得到:
id_cannibal id_cannibal.pub id_java id_java.pub known_hosts
Something like id_openshiftand id_openshift.pubisn't there but as it's not working, I don't care much now.
类似id_openshift和id_openshift.pub不存在的东西,但由于它不起作用,我现在不太在意。
I created such files and they're .pubby ssh-keygen -f <filename>and gave different pass phrases to each. I added the content of the .pub's as deploy keys at each Github repository settings.
我创建了这样的文件,它们就在旁边.pub,ssh-keygen -f <filename>并为每个文件提供了不同的密码短语。我.pub在每个 Github 存储库设置中添加了's的内容作为部署密钥。
What am I doing wrong? How is this supposed to work? And, when working at another machine, how to properly obtain these keys, proof it's me and work transparently?
我究竟做错了什么?这应该如何工作?而且,在另一台机器上工作时,如何正确获取这些密钥,证明是我本人并透明地工作?
EDIT
编辑
Output of git remote -v:
的输出git remote -v:
- For cursoJava repository
- 对于 cursoJava 存储库
origin [email protected]:diegoaguilar/cursoJava.git (fetch)
origin [email protected]:diegoaguilar/cursoJava.git (push)
origin [email protected]:diegoaguilar/cursoJava.git (fetch)
origin [email protected]:diegoaguilar/cursoJava.git (push)
- For cursoCannibalCreatures
- 对于cursoCannibalCreatures
origin [email protected]:diegoaguilar/cursoCannibalCreatures.git (fetch)
origin [email protected]:diegoaguilar/cursoCannibalCreatures.git (push)
origin [email protected]:diegoaguilar/cursoCannibalCreatures.git (fetch)
origin [email protected]:diegoaguilar/cursoCannibalCreatures.git (push)
回答by VonC
As mentioned in "ssh,github,it doesnot work", the trick is to not use the default id_rsa(.pub) names for your public:private keys (because yo can only define onecouple of those), but different names.
正如“ ssh,github,it doesnot work”中提到的,诀窍是不要使用默认的 id_rsa(.pub) 名称作为您的 public:private 密钥(因为你只能定义其中的一对),而是使用不同的名称。
But that would be only if you were to access those repos as different users
但这仅当您以不同用户身份访问这些存储库时
In your case, you are accessing the repos with the same users, and one ssh keyshould be enough.
在您的情况下,您使用相同的用户访问存储库,一个 ssh 密钥应该就足够了。
See "GitHub help":
参见“ GitHub帮助”:
This error means the key you are pushing with is attached to another repository as a deploy key, and does not have access to the repository you are trying to push to.
To remedy this, remove the deploy key from the repository, and attach the key to your user account instead.
此错误意味着您正在推送的密钥作为部署密钥附加到另一个存储库,并且无权访问您尝试推送到的存储库。
要解决此问题,请从存储库中删除部署密钥,并将该密钥附加到您的用户帐户。
This is for using GitHub for two different users.
这是为两个不同的用户使用 GitHub。
You then define a ~/.ssh/configfile in which you reference each private keys by their full path:
然后定义一个~/.ssh/config文件,在其中通过完整路径引用每个私钥:
Host github1
HostName github.com
User git
IdentityFile ~/.ssh/id_repo1
Host github2
HostName github.com
User git
IdentityFile ~/.ssh/id_repo2
Instead of using [email protected]:user/repo1, you would use:
而不是使用的[email protected]:user/repo1,你可以使用:
github1:user/repo1
That uses the key Hostentry 'github1' to reference the user (git), hostname (github.com) and the exact private/public key to use ~/.ssh/id_repo1(.pub)
使用密钥Host条目“ github1”来引用用户 ( git)、主机名 ( github.com) 和要使用的确切私钥/公钥 ~/.ssh/id_repo1(.pub)
So if you have a second repo which use a second key stored as ~/.ssh/id_repo2(.pub), you need to use the entry 'github2' (you can name it as you want) defined above, and then change the url you have for origin:
因此,如果您有第二个存储库,它使用存储为 的第二个密钥~/.ssh/id_repo2(.pub),则需要使用github2上面定义的条目“ ”(您可以根据需要命名),然后更改您拥有的 url 来源:
git remote set-url origin github2:user/repo2
That way, a git pushwill use the right key (the one for the repo2)
这样, agit push将使用正确的键(用于repo2)
If you don't, you will be able to push for one repo (using the default key ~/.ssh/id_rsa(.pub), default name), but you won't be able to push to the second repo, which need a different set of public/private key.
如果不这样做,您将能够推送一个存储库(使用默认密钥 ~/.ssh/id_rsa(.pub)、默认名称),但您将无法推送到第二个存储库,后者需要一组不同的公钥/私钥。
