如何管理 ~/.ssh 目录中的多个 ssh 密钥 [英] How to manage multiple ssh keys in the ~/.ssh directory
问题描述
我相信我们都会不时收到此错误:
I'm sure we all get this error from time to time:
$ git push origin master
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
典型的补救方法是简单地创建一个公钥/私钥对并与您的 git 主机共享它(在我的例子中是 bitbucket,使用他们的 说明)
The typical remedy is to simply create a public/private key pair and share it with your git host (in my case bitbucket, with their instructions)
问题是,我有很多帐户需要我有一个公/私钥对(例如,我需要保存一个密钥才能连接到 AWS ......等等......所以我所做的是我创建这些密钥并将它们保存在单独的目录中,即
The thing is though, I have many accounts that require that I have a public/private key pair (for example i need to save a key to connect to AWS.. etc).. so what I do is that i create these keys and save them in separate directories ie
~/.ssh $ find .
./awskeys
./awskeys/id_rsa
./awskeys/id_rsa.pub
./bitbucket
./bitbucket/id_rsa
./bitbucket/id_rsa.pub
但是这个错误时不时地弹出..要解决它,我必须将相关的键移回根目录 ~/.ssh.这对我来说似乎不对.我怎样才能可靠地做到这一点?
but then this error pops up every now and then.. to solve it I have to move the relevant keys back to the root ~/.ssh. this doesn't seem right to me. How can I reliably do this?
推荐答案
你可以把它们放在任何你想要的地方,但它们的权限和父文件夹的权限需要严格:
You can have them anywhere you want, but their permission and the permission of the parent folders need to be strict:
- 父文件夹没有可写访问权限(对于其他人和所有人)
- 644 用于公钥
- 600 用于私钥.
那么你:
- 在
~/.ssh/config
(此处示例) - 更改远程 url 以使用
~/.ssh/config
文件的相应条目,该文件描述了要使用的正确 ssh 密钥.
- declare those different keys in
~/.ssh/config
(example here) - change the remote url in order to use the appropriate entry of the
~/.ssh/config
file which described the right ssh key to use.
这意味着一个条目:
Host mygithub
User git
IdentityFile ~/.ssh/mypath/mykey # wherever your "new" key lives
IdentitiesOnly yes
允许您将 git@github.com:username/repo 之类的 url 替换为:
Allows you to replace an url like git@github.com:username/repo with:
git remote set-url origin mygithub:username/repo
这篇关于如何管理 ~/.ssh 目录中的多个 ssh 密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!