GitLab SSH 请求密码并忽略 SSH 密钥 [英] GitLab SSH requests password and ignoring SSH Keys

问题描述

我在 CentOS 6 机器上安装了全新的 gitlab-omnibus，我已经正确配置它并且可以访问 Web 界面，我已经添加了我的 SSH 密钥但是当我尝试 Git 克隆一个新设置的存储库时，我是通过 SSH 要求 Git 用户的密码.我已经用三台不同的机器和三个不同的帐户尝试过这个，但问题仍然存在.

I have a fresh gitlab-omnibus installation on a CentOS 6 box, I have configured it correctly and can access the web interface, I've added my SSH key however when I try to Git Clone a newly setup repo, I am asked for a password for the Git user via SSH. I have tried this with three different machines and three different accounts, and still the issue persists.

这是来自详细 SSH 的输出

Here is the output from a verbose SSH

╭─jacobclark@Jacobs-MacBook-Pro  ~  
╰─$ ssh -vT git@gitlab                                                                                                                                                                     130 ↵
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to gitlab [37.26.93.221] port 22.
debug1: Connection established.
debug1: identity file /Users/jacobclark/.ssh/id_rsa type 1
debug1: identity file /Users/jacobclark/.ssh/id_rsa-cert type -1
debug1: identity file /Users/jacobclark/.ssh/id_dsa type -1
debug1: identity file /Users/jacobclark/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA a1:62:aa:51:0c:20:f3:3e:10:17:c7:20:a4:0b:7b:16
debug1: Host 'gitlab.' is known and matches the RSA host key.
debug1: Found key in /Users/jacobclark/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/jacobclark/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /Users/jacobclark/.ssh/id_dsa
debug1: Next authentication method: password
git@gitlab's password: 

推荐答案

我在 CentO 上遇到了完全相同的问题，原来是由于 Centrify 被用于管理 ssh 密钥，这是非标准的，但我们公司的一部分服务器管理流程.

I had the exact same issue on CentOs, turned out to be due to Centrify being used to manage ssh keys, which is non standard, but part of our corporate server management processes.

我不太熟悉 Centrify，因为它由另一个团队管理，但我通过从 gitlab 授权密钥文件创建符号链接到/etc/sshd/auth-keys/git 解决了这个问题.

I'm not overly familiar with Centrify as its managed by another team, but I resolved this issue by creating a sym link from the gitlab authorised-keys file into /etc/sshd/auth-keys/git.

authorizedkeys 文件值给了我符号链接需要去的位置，由 sshd -T

The authorizedkeys file value gave me the location the sym link needed to go to, determined with sshd -T

这解决了我的问题:

ln -s /var/opt/gitlab/.ssh/authorized_keys /etc/ssh/auth-keys/git

这篇关于GitLab SSH 请求密码并忽略 SSH 密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！