为什么GitHub只需要我的公钥即可推送? [英] Why Does GitHub only need my public key in order to push?

问题描述

我最近在cloud9(c9.io)上建立了一个项目.当您在cloud9上设置项目时，将存在一个带有公共密钥和私有密钥的.ssh目录.我认为这些是在您设置帐户时生成的.

I recently set up a project on cloud9 (c9.io). When you set up a project on cloud9, there is a .ssh directory with both public keys and private keys. I assume these are generated when you set up your account.

创建git存储库后，我将源设置为GitHub上的空存储库，并尝试将其推入上游.不出所料，我没有权限.

After creating a git repository, I set the origin to an empty repository on GitHub and attempted to push it upstream. As expected I didn't have the permissions.

我复制了公钥的内容并将其添加到GitHub.那时我可以推送到GitHub.

I copied the contents of my public key and added it to GitHub. At that point I was able to push to GitHub.

我很好奇为什么GitHub只需要公钥.当我尝试推动时，幕后会发生什么?私钥的作用是什么?

I'm curious as to why GitHub only needs the public key. What happens behind the scenes when I attempted to push? What is the role of the private key?

推荐答案

顾名思义，私钥是私钥.这是你的，也只有你的.您绝对不应将私钥提供给任何人.

A private key, as its name indicates, is private. It's yours and yours only. You should never give a private key to anyone.

您的私钥使您可以签名消息.然后，您发送带有其签名的消息，任何拥有您的公共密钥的人都可以验证签名是否与消息匹配.这就是公钥密码学的原理.因此，Github仅需要您的公共密钥即可检查您是否是您声称的那个人.

Your private key allows you to sign a message. You then send the message with its signature, and anyone having your public key can verify that the signature matches with the message. That's the principle of public key cryptography. So Github only needs your public key to check that you're the one you claim to be.

这篇关于为什么GitHub只需要我的公钥即可推送?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！