GitLab SSH请求密码并忽略SSH密钥 [英] GitLab SSH requests password and ignoring SSH Keys

问题描述

我有一个新的gitlab-omnibus安装在CentOS 6框，我已经正确配置，可以访问网络界面，我已经添加了我的SSH密钥，但是当我尝试Git Clone新设置的repo，我通过SSH请求Git用户的密码。

这是一个详细的SSH的输出

 ╭_jacobclark @ Jacobs-MacBook-Pro〜
╰-$ ssh -vT git @ gitlab 130↵
 OpenSSH_6.2p2，OSSLShim 0.9.8r 8 Dec 2011 
 debug1：读取配置数据/ etc / ssh_config 
 debug1：/ etc / ssh_config第20行：* 
的选项debug1：连接到gitlab [37.26.93.221]端口22. 
 debug1：建立连接。 
 debug1：身份文件/Users/jacobclark/.ssh/id_rsa type 1 
 debug1：身份文件/Users/jacobclark/.ssh/id_rsa-cert类型-1 
 debug1：身份文件/用户/ jacobclark / .ssh / id_dsa类型-1 
 debug1：身份文件/Users/jacobclark/.ssh/id_dsa-cert类型-1 
 debug1：为协议2.0启用兼容模式
 debug1 ：本地版本字符串SSH-2.0-OpenSSH_6.2 
 debug1：远程协议版本2.0，远程软件版本OpenSSH_5.3 
 debug1：match：OpenSSH_5.3 pat OpenSSH_5 * 
 debug1：SSH2_MSG_KEXINIT sent 
 debug1：SSH2_MSG_KEXINIT received 
 debug1：kex：server-> client aes128-ctr hmac-md5 none 
 debug1：kex：client-> server aes128-ctr hmac-md5 none 
 debug1：SSH2_MSG_KEX_DH_GEX_REQUEST（1024 <1024 <8192）发送
 debug1：期望SSH2_MSG_KEX_DH_GEX_GROUP 
 debug1：SSH2_MSG_KEX_DH_GEX_INIT发送
 debug1：期望SSH2_MSG_KEX_DH_GEX_REPLY 
 debug1：服务器主机密钥：RSA a1： 62：aa：51：0c：20：f3：3e：10：17：c7：20：a4：0b：7b：16 
 debug1：Host'gitlab。'并且与RSA主机密钥匹配。 
 debug1：找到密钥in /Users/jacobclark/.ssh/known_hosts:1 
 debug1：ssh_rsa_verify：签名正确
 debug1：SSH2_MSG_NEWKEYS发送
 debug1：期望SSH2_MSG_NEWKEYS 
 debug1：SSH2_MSG_NEWKEYS收到
 debug1：服务器不允许漫游
 debug1：发送SSH2_MSG_SERVICE_REQUEST 
 debug1：SSH2_MSG_SERVICE_ACCEPT收到
 debug1：可以继续的身份验证：publickey，gssapi-keyex，gssapi- with-mic，password 
 debug1：下一个认证方法：publickey 
 debug1：提供RSA公钥：/Users/jacobclark/.ssh/id_rsa 
 debug1：认证可以继续：publickey，gssapi -keyex，gssapi-with-mic，password 
 debug1：尝试私钥：/Users/jacobclark/.ssh/id_dsa 
 debug1：下一个身份验证方法：password 
 git @ gitlab的密码：
  

解决方案

我在CentOs上有完全相同的问题，是由于Centrify用于管理ssh密钥，这是非标准的，但是我们公司服务器管理过程的一部分。

我不太熟悉Centrify作为其管理的另一个团队，但我解决了这个问题，通过创建一个sym链接从gitlab授权的密钥文件到/ etc / sshd / auth-keys / git。

authorizedkeys文件值为我提供了sym链接所需的位置，由 sshd -T / p>

导致此问题的解决：

  ln -s / var /opt/gitlab/.ssh/authorized_keys / etc / ssh / auth-keys / git 
  

I have a fresh gitlab-omnibus installation on a CentOS 6 box, I have configured it correctly and can access the web interface, I've added my SSH key however when I try to Git Clone a newly setup repo, I am asked for a password for the Git user via SSH. I have tried this with three different machines and three different accounts, and still the issue persists.

Here is the output from a verbose SSH

╭─jacobclark@Jacobs-MacBook-Pro  ~  
╰─$ ssh -vT git@gitlab                                                                                                                                                                     130 ↵
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to gitlab [37.26.93.221] port 22.
debug1: Connection established.
debug1: identity file /Users/jacobclark/.ssh/id_rsa type 1
debug1: identity file /Users/jacobclark/.ssh/id_rsa-cert type -1
debug1: identity file /Users/jacobclark/.ssh/id_dsa type -1
debug1: identity file /Users/jacobclark/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA a1:62:aa:51:0c:20:f3:3e:10:17:c7:20:a4:0b:7b:16
debug1: Host 'gitlab.' is known and matches the RSA host key.
debug1: Found key in /Users/jacobclark/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/jacobclark/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /Users/jacobclark/.ssh/id_dsa
debug1: Next authentication method: password
git@gitlab's password: 

解决方案

I had the exact same issue on CentOs, turned out to be due to Centrify being used to manage ssh keys, which is non standard, but part of our corporate server management processes.

I'm not overly familiar with Centrify as its managed by another team, but I resolved this issue by creating a sym link from the gitlab authorised-keys file into /etc/sshd/auth-keys/git.

The authorizedkeys file value gave me the location the sym link needed to go to, determined with sshd -T

Resulting in this resolving my issue:

ln -s /var/opt/gitlab/.ssh/authorized_keys /etc/ssh/auth-keys/git

这篇关于GitLab SSH请求密码并忽略SSH密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！