为给定域指定git push的SSH密钥 [英] Specify an SSH key for git push for a given domain
问题描述
我有以下用例:我希望能够使用用户的私有密钥推送到 git@git.company.com:gitolite-admin code> gitolite-admin ,而我想要使用'我自己的'私人文件推送到 git@git.company.com:some_repo 键。 AFAIK,我无法使用〜/ .ssh / config 来解决这个问题,因为在这两种情况下用户名和服务器名是相同的。由于我主要使用自己的私钥,所以我在〜/ .ssh / config 中定义了 git@git.company.com 。有谁知道一种方法来覆盖用于单个 git 调用的密钥?
(除此之外: gitolite根据密钥区分谁在推送推送,因此在访问,所有权和审计方面,不存在问题,即user @ server字符串对于不同的用户是相同的。)
主机gitolite-as-alice
HostName git.company.com
User git
IdentityFile /home/whoever/.ssh/id_rsa.alice
IdentitiesOnly yes
Host gitolite-as-bob
HostName git.company .com
User git
IdentityFile /home/whoever/.ssh/id_dsa.bob
IdentitiesOnly yes
然后你可以使用 gitolite-as-alice 和 gitolite-as-bob 而不是你的URL中的主机名:
git remote add alice git @ gitolite-as-alice:whatever.git
git remote add bob git @ gitolite-as-bob:whatever.git
注意
您希望包含选项 IdentitiesOnly yes 以防止使用默认ID。否则,如果您也有与默认名称匹配的id文件,则它们将首先尝试,因为与其他配置选项(它遵守first in wins)不同, IdentityFile 选项追加到身份列表中去尝试。请参阅: https://serverfault.com/问题/ 450796 / how-could-i-stop-ssh-offering-wrong-key / 450807#450807
I have the following use case: I would like to be able to push to git@git.company.com:gitolite-admin using the private key of user gitolite-admin, while I want to push to git@git.company.com:some_repo using 'my own' private key. AFAIK, I can't solve this using ~/.ssh/config, because the user name and server name are identical in both cases. As I mostly use my own private key, I have that defined in ~/.ssh/config for git@git.company.com. Does anyone know of a way to override the key that is used for a single git invocation?
(Aside: gitolite distinguishes who is doing the pushing based on the key, so it's not a problem, in terms of access, ownership and auditing, that the user@server string is identical for different users.)
Even if the user and host are the same, they can still be distinguished in ~/.ssh/config. For example, if your configuration looks like this:
Host gitolite-as-alice
HostName git.company.com
User git
IdentityFile /home/whoever/.ssh/id_rsa.alice
IdentitiesOnly yes
Host gitolite-as-bob
HostName git.company.com
User git
IdentityFile /home/whoever/.ssh/id_dsa.bob
IdentitiesOnly yes
Then you just use gitolite-as-alice and gitolite-as-bob instead of the hostname in your URL:
git remote add alice git@gitolite-as-alice:whatever.git
git remote add bob git@gitolite-as-bob:whatever.git
Note
You want to include the option IdentitiesOnly yes to prevent the use of default ids. Otherwise, if you also have id files matching the default names, they will get tried first because unlike other config options (which abide by "first in wins") the IdentityFile option appends to the list of identities to try. See: https://serverfault.com/questions/450796/how-could-i-stop-ssh-offering-a-wrong-key/450807#450807
这篇关于为给定域指定git push的SSH密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
