SSH私钥使用Git GUI或ssh-keygen的权限过于开放 [英] SSH Private Key Permissions using Git GUI or ssh-keygen are too open
问题描述
最近我无法克隆或推送到github,我试图找到根本原因。
这是在Windows上
我有cygwin + git以及msysgit。
Msysgit安装了以下选项:
- OpenSSH
- 从Windows命令提示符使用Git
这给我4个环境尝试使用git:
-
-
-
-
-
不知怎的,我设法使自己进入一个位置,当我试图克隆一个仓库使用msysgit,cmd.exe或Powershell,我得到以下错误:
>
中初始化的空Git存储库> C:/sandbox/SomeProject/.git/
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@
> @警告:未保护的私钥文件! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@
>权限0644为
> '/c/Users/Ben/.ssh/id_rsa'are too
>打开。建议您的
>私钥文件不可访问
>由其他人。这个私钥是
>忽略。错误权限:忽略键:
> /c/Users/Ben/.ssh/id_rsa权限
> denied(publickey)。致命:远程
>结束意外地挂起
这是使用c:\\\\users\ben中的.ssh文件夹\文件夹,这是msysgit使用的。
在Git Bash中,我检查权限,因此我怀疑cygwin可以工作,因为.ssh文件夹位于其他位置。 :
$ ls -l -a〜/ .ssh
这给了我:
drwxr-xr-x 2 0 Oct 12 13:09。
drwxr-xr-x 34 Ben Administ 8192 Oct 12 13:15 ..
-rw-r - r-- 1 Ben Administ 1743 Oct 12 12:36 id_rsa
-rw- r - r-- 1 Ben Administ 399 Oct 12 12:36 id_rsa.pub
-rw-r - r-- 1 Ben Administ 407 Oct 12 13:09 known_hosts
这些权限显然太轻松了。
我可以尝试改变它们...
$ chmod -v -R 600〜/ .ssh
告诉我:
`.ssh'的模式更改为0600(rw -------)
模式的`.ssh / id_rsa'更改为0600(rw -------)
模式的`.ssh / id_rsa.pub'更改为0600(rw -------)
模式的`.ssh / known_hosts'更改为0600(rw -------)
但它似乎没有效果。我仍然得到相同的错误,并执行
$ ls -l -a〜/ .ssh
UPDATE:
/ strong>
我试图修复cygwin中这些文件的权限,cygwin正确地报告他们的权限,gitbash不会:
文字http://cdn.cloudfiles.mosso.com/c54102/app7962031255448924.jpg
有关如何真正修复这些权限的任何想法?
解决方案目录,我同意Splash是一个坏主意。如果你能记住目录的原始权限,我会尝试设置它们,然后进行以下操作:
.ssh文件夹中的> cd〜/ .ssh
chmod 700 id_rsa
这将为所有者(您)将id_rsa文件设置为rwx(读取,写入,执行),并为所有其他人禁止访问。
记住原始设置,添加一个新用户并为该用户创建一组SSH密钥,从而创建一个具有默认权限的新.ssh文件夹。您可以使用新的.ssh文件夹作为将.ssh文件夹和文件重置为的权限的参考。
如果这不起作用,我会尝试做一个卸载msysgit,删除计算机上的所有.ssh文件夹(仅为安全措施),然后重新安装msysgit与所需的设置,然后尝试重新开始(虽然我想你告诉我你已经尝试过了)。
已编辑:也可以通过Google找到此链接 - 修复警告:未保护的私有密钥文件! on Linux 虽然它的目标是linux,它可能有帮助,因为我们谈到liunx权限等。
Recently I've been unable to clone or push to github, and I'm trying to find the root cause.
This is on windows
I have cygwin + git as well as msysgit.
Msysgit was installed with the following options:
- OpenSSH
- Use Git from Windows Command Prompt
That gives me 4 environments to try to use git in:
- Windows cmd prompt
- Powershell
- Git Bash
- Cygwin
Somehow I've managed to get myself into a position where when I try to clone a repository using msysgit, cmd.exe, or Powershell, I get the following error:
> Initialized empty Git repository in > C:/sandbox/SomeProject/.git/ > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > Permissions 0644 for > '/c/Users/Ben/.ssh/id_rsa' are too > open. It is recommended that your > private key files are NOT accessible > by others. This private key will be > ignored. bad permissions: ignore key: > /c/Users/Ben/.ssh/id_rsa Permission > denied (publickey). fatal: The remote > end hung up unexpectedlyThis is using the .ssh folder in my c:\users\ben\ folder, which is what is used by msysgit. I suspect cygwin works because the .ssh folder is located elsewhere, but I'm not sure why
In Git Bash, I check the permissions:
$ ls -l -a ~/.sshWhich gives me:
drwxr-xr-x 2 Ben Administ 0 Oct 12 13:09 . drwxr-xr-x 34 Ben Administ 8192 Oct 12 13:15 .. -rw-r--r-- 1 Ben Administ 1743 Oct 12 12:36 id_rsa -rw-r--r-- 1 Ben Administ 399 Oct 12 12:36 id_rsa.pub -rw-r--r-- 1 Ben Administ 407 Oct 12 13:09 known_hostsThese permissions are apparently too relaxed. How they got this way, I have no idea.
I can try to change them...
$ chmod -v -R 600 ~/.sshwhich tells me:
mode of `.ssh' changed to 0600 (rw-------) mode of `.ssh/id_rsa' changed to 0600 (rw-------) mode of `.ssh/id_rsa.pub' changed to 0600 (rw-------) mode of `.ssh/known_hosts' changed to 0600 (rw-------)But it seems to have no effect. I still get the same error, and doing
$ ls -l -a ~/.sshyields the same permissions as before.
UPDATE:
I tried to fix the permissions to those files in cygwin, and cygwin reports their permissions correctly, gitbash does not: alt text http://cdn.cloudfiles.mosso.com/c54102/app7962031255448924.jpg
Any ideas on how I can really fix these permissions?
解决方案You changed the permissions on the whole directory, which I agree with Splash is a bad idea. If you can remember what the original permissions for the directory are, I would try to set them back to that and then do the following
cd ~/.ssh chmod 700 id_rsainside the .ssh folder. That will set the id_rsa file to rwx (read, write, execute) for the owner (you) only, and zero access for everyone else.
If you can't remember what the original settings are, add a new user and create a set of SSH keys for that user, thus creating a new .ssh folder which will have default permissions. You can use that new .ssh folder as the reference for permissions to reset your .ssh folder and files to.
If that doesn't work, I would try doing an uninstall of msysgit, deleting ALL .ssh folders on the computer (just for safe measure), then reinstalling msysgit with your desired settings and try starting over completely (though I think you told me you tried this already).
Edited: Also just found this link via Google -- Fixing "WARNING: UNPROTECTED PRIVATE KEY FILE!" on Linux While it's targeted at linux, it might help since we're talking liunx permissions and such.
这篇关于SSH私钥使用Git GUI或ssh-keygen的权限过于开放的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
