如果“svnserve -t",如何通过 ssh 登录在authorized_keys 中给出? [英] how to login via ssh if "svnserve -t" is given in authorized_keys?
问题描述
我已经设置了一个 svn 存储库,我想通过 svn+ssh 访问它.
I have set up a svn repository that I want to access via svn+ssh.
为此,我遵循了http://svnbook.red-bean.com/en/1.7/svn-book.pdf.也就是说,我编辑了文件 ~/.ssh/authorized_keys 以包含以下行:
For that purpose, I followed the instructions given in http://svnbook.red-bean.com/en/1.7/svn-book.pdf. That is, I edited the file ~/.ssh/authorized_keys to include the following line:
command="svnserve -t -r/home/USER/svn --config-file=/home/USER/svn/conf/svnserve.conf --tunnel-user=SVN-USER" ssh-rsa PUBLIC-关键用户名-评论
command="svnserve -t -r /home/USER/svn --config-file=/home/USER/svn/conf/svnserve.conf --tunnel-user=SVN-USER" ssh-rsa PUBLIC-KEY USERNAME-COMMENT
我通过 svn-ssh 成功地进行了结帐、提交等操作——所以前面提到的 PDF 工作中给出的说明.但是,由于我添加了该行,因此无法再通过普通 SSH 登录服务器.登录时,控制台显示:
I am succeeding to do checkout, commit, etc., via svn-ssh -- so the instructions given in the before-mentioned PDF work. However, since I have added that line, I cannot log into the server via ordinary SSH anymore. When logging in, the console shows:
( 成功 ( 2 2 ( ) ( edit-pipeline svndiff1 缺席-entries commit-revprops 深度日志-revprops atomic-revprops 部分重播继承-props ephemeral-txnprops file-revs-reverse ) ) )
( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries commit-revprops depth log-revprops atomic-revprops partial-replay inherited-props ephemeral-txnprops file-revs-reverse ) ) )
每当我在控制台中输入任何内容时,我都会断开连接.
and whenever I type anything into the console, I am disconnected.
我猜是因为登录时执行了命令svnserve.但是,说明说我应该仍然可以通过ssh访问.那我为什么不是?关于我需要做什么的任何提示,以便我仍然能够通过 ssh 访问我的服务器,而不会失去通过 svn+ssh 访问我的存储库的能力?
I guess it is because the command svnserve is executed when logging in. However, the instructions say that I should still be able to access via ssh. So why ain't I? Any hints on what I need to do so I am still able to access my server via ssh without losing the capability to access my repository via svn+ssh?
推荐答案
在command"出现在您的密钥旁边的 authorized_keys 之前,您将无法登录.PDF 中提到该命令将在任何登录尝试时执行.
You will not be able to login until the "command" is present in the authorized_keys next to your key. It's mentioned in the PDF that the command will be executed on any login attempt.
您可以使用一种技巧.有两组密钥,一组用于登录,另一组用于让 SVN 工作.这是可行的,因为该命令仅在关联密钥实际用于登录时才执行.
There is one trick which you can use. Have 2 sets of keys, one you will use to login and the other to have SVN working. This would work because the command is only executed if the associated key is actually used to login.
在您登录的主机上,您现在可能有 2 个文件:.ssh/id_rsa 和 .ssh/id_rsa.pub.您需要创建一个新对ssh-keygen -f ~/.ssh/id_login".将 ~/.ssh/id_login.pub" 的内容复制到目标主机上的authorized_keys,然后登录该主机时使用ssh -i ~/.ssh/id_login HOST".
On the host where you login from you probably have now 2 files: .ssh/id_rsa and .ssh/id_rsa.pub. You need to create a new pair "ssh-keygen -f ~/.ssh/id_login". Copy the content of ~/.ssh/id_login.pub" to the authorized_keys on the destination host, then when you login to that host use "ssh -i ~/.ssh/id_login HOST".
基本上你应该在authorized_keys中有2行:
Basically you should have 2 lines in the authorized_keys:
command="svnserve -t ..." TYPE1 KEY1 user@example.com
TYPE2 KEY2 user@example.com
要自动使用身份,您可以将以下几行添加到工作站上的 .ssh/config 中:
To use automatically the identity you may add the following lines to the .ssh/config on your workstation:
Host destHost
Hostname destination_host_name
IdentityFile ~/.ssh/id_rsa
Host destHostlogin
Hostname destination_host_name
IdentityFile ~/.ssh/id_login
你可以定义任何你想让它更容易的主机标签并使用ssh标签"来连接.
You may define any Host label you want to have it easier and use "ssh label" to connect.
这篇关于如果“svnserve -t",如何通过 ssh 登录在authorized_keys 中给出?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
