为给定域指定git push的SSH密钥 [英] Specify an SSH key for git push for a given domain
问题描述
我有以下用例:我希望能够使用用户的私有密钥推送到 git@git.company.com:gitolite-admin
code> gitolite-admin ,而我想要使用'我自己的'私人文件推送到 git@git.company.com:some_repo
键。 AFAIK,我无法使用〜/ .ssh / config
来解决这个问题,因为在这两种情况下用户名和服务器名是相同的。由于我主要使用自己的私钥,所以我在〜/ .ssh / config
中定义了 git@git.company.com
。有谁知道一种方法来覆盖用于单个 git
调用的密钥?
(除此之外: gitolite根据密钥区分谁在推送推送,因此在访问,所有权和审计方面,不存在问题,即user @ server字符串对于不同的用户是相同的。)
主机gitolite-as-alice
HostName git.company.com
User git
IdentityFile /home/whoever/.ssh/id_rsa.alice
IdentitiesOnly yes
Host gitolite-as-bob
HostName git.company .com
User git
IdentityFile /home/whoever/.ssh/id_dsa.bob
IdentitiesOnly yes
然后你可以使用 gitolite-as-alice
和 gitolite-as-bob
而不是你的URL中的主机名:
git remote add alice git @ gitolite-as-alice:whatever.git
git remote add bob git @ gitolite-as-bob:whatever.git
注意
您希望包含选项 IdentitiesOnly yes
以防止使用默认ID。否则,如果您也有与默认名称匹配的id文件,则它们将首先尝试,因为与其他配置选项(它遵守first in wins)不同, IdentityFile
选项追加到身份列表中去尝试。请参阅: https://serverfault.com/问题/ 450796 / how-could-i-stop-ssh-offering-wrong-key / 450807#450807
I have the following use case: I would like to be able to push to git@git.company.com:gitolite-admin
using the private key of user gitolite-admin
, while I want to push to git@git.company.com:some_repo
using 'my own' private key. AFAIK, I can't solve this using ~/.ssh/config
, because the user name and server name are identical in both cases. As I mostly use my own private key, I have that defined in ~/.ssh/config
for git@git.company.com
. Does anyone know of a way to override the key that is used for a single git
invocation?
(Aside: gitolite distinguishes who is doing the pushing based on the key, so it's not a problem, in terms of access, ownership and auditing, that the user@server string is identical for different users.)
Even if the user and host are the same, they can still be distinguished in ~/.ssh/config
. For example, if your configuration looks like this:
Host gitolite-as-alice
HostName git.company.com
User git
IdentityFile /home/whoever/.ssh/id_rsa.alice
IdentitiesOnly yes
Host gitolite-as-bob
HostName git.company.com
User git
IdentityFile /home/whoever/.ssh/id_dsa.bob
IdentitiesOnly yes
Then you just use gitolite-as-alice
and gitolite-as-bob
instead of the hostname in your URL:
git remote add alice git@gitolite-as-alice:whatever.git
git remote add bob git@gitolite-as-bob:whatever.git
Note
You want to include the option IdentitiesOnly yes
to prevent the use of default ids. Otherwise, if you also have id files matching the default names, they will get tried first because unlike other config options (which abide by "first in wins") the IdentityFile
option appends to the list of identities to try. See: https://serverfault.com/questions/450796/how-could-i-stop-ssh-offering-a-wrong-key/450807#450807
这篇关于为给定域指定git push的SSH密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!