为给定域的 git push 指定 SSH 密钥 [英] Specify an SSH key for git push for a given domain
问题描述
我有以下用例:我希望能够使用用户 gitolite-admin<的私钥推送到
git@git.company.com:gitolite-admin
/code>,而我想使用我自己的"私钥推送到 git@git.company.com:some_repo
.AFAIK,我无法使用 ~/.ssh/config
解决这个问题,因为在这两种情况下用户名和服务器名是相同的.由于我主要使用自己的私钥,因此我在 ~/.ssh/config
中为 git@git.company.com
定义了它.有谁知道覆盖用于单个 git
调用的密钥的方法吗?
I have the following use case: I would like to be able to push to git@git.company.com:gitolite-admin
using the private key of user gitolite-admin
, while I want to push to git@git.company.com:some_repo
using 'my own' private key. AFAIK, I can't solve this using ~/.ssh/config
, because the user name and server name are identical in both cases. As I mostly use my own private key, I have that defined in ~/.ssh/config
for git@git.company.com
. Does anyone know of a way to override the key that is used for a single git
invocation?
(另外:gitolite根据key来区分谁在做推送,所以从访问、所有权和审计的角度来看,user@server字符串对于不同的用户是相同的.)
(Aside: gitolite distinguishes who is doing the pushing based on the key, so it's not a problem, in terms of access, ownership and auditing, that the user@server string is identical for different users.)
推荐答案
即使用户和主机相同,在~/.ssh/config
中仍然可以区分.例如,如果您的配置如下所示:
Even if the user and host are the same, they can still be distinguished in ~/.ssh/config
. For example, if your configuration looks like this:
Host gitolite-as-alice
HostName git.company.com
User git
IdentityFile /home/whoever/.ssh/id_rsa.alice
IdentitiesOnly yes
Host gitolite-as-bob
HostName git.company.com
User git
IdentityFile /home/whoever/.ssh/id_dsa.bob
IdentitiesOnly yes
然后您只需使用 gitolite-as-alice
和 gitolite-as-bob
而不是 URL 中的主机名:
Then you just use gitolite-as-alice
and gitolite-as-bob
instead of the hostname in your URL:
git remote add alice git@gitolite-as-alice:whatever.git
git remote add bob git@gitolite-as-bob:whatever.git
注意
您希望包含选项 IdentitiesOnly yes
以防止使用默认 ID.否则,如果您还有与默认名称匹配的 id 文件,它们将首先被尝试,因为与其他配置选项(遵循优先")不同,IdentityFile
选项 appends 到要尝试的身份列表.请参阅:https://serverfault.com/问题/450796/how-could-i-stop-ssh-offering-a-wrong-key/450807#450807
Note
You want to include the option IdentitiesOnly yes
to prevent the use of default ids. Otherwise, if you also have id files matching the default names, they will get tried first because unlike other config options (which abide by "first in wins") the IdentityFile
option appends to the list of identities to try. See: https://serverfault.com/questions/450796/how-could-i-stop-ssh-offering-a-wrong-key/450807#450807
这篇关于为给定域的 git push 指定 SSH 密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!