一台机器上有多个gitolite用户 [英] Multiple gitolite users on one machine
问题描述
我在远程计算机上设置了gitolite,并从本地配置它。我不想让我的活动显示为管理员,并创建用户和密钥诺亚。创建诺亚回购后,我被拒绝访问。我相信因为我还是管理员。
所以我在一台机器上有两个账户。如何切换?
谢谢
更新:
这里是我的本地〜/ .ssh / config /:
#noah账户
主机git-noah
HostName remote
User git
IdentityFile〜/ .ssh / noah< / code>
本地命令:
git clone git-noah @ remote -ip:reponame
远程的authorized_keys:
command =/ usr / share / gitolite / gl-auth-command noah,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa ...
重要的是,我在Mac上。我还完成了 ssh-add -K〜/ .ssh / noah
更新2:
以下是auth.log:
server sshd [2834]:无效的用户git-noah from localip
server sshd [2834]:input_userauth_request:invalid user git-noah [preauth]
以下是本地权限:
drwx ------ + 13 noah 442 4月19日14:47。 ssh
远程权限:
-rwx ------ 1 git 1067 Apr 19 14:57 authorized_keys
drw ------- 2 git 4096 Apr 19 14:57 .ssh
如果您使用不同的ssh密钥像gitolite这样的程序如何工作?),您切换的方式是使用ssh url指示ssh的外观诺亚的钥匙(而不是管理员的钥匙)。
为此,你需要一个ssh confi g文件(在 HOME / .ssh / config
中),详见通过portablegit使用github时如何使用指定键?:
#admin account
Host gitolite-admin
HostName yourGitoliteServer
User git
IdentityFile〜/ .ssh / id_rsa_admin
$ b $ #noah账户
Host gitolite-noah
HostName yourGitoliteServer
User git
IdentityFile〜/ .ssh / id_rsa_noah
你的回购为诺亚,你会使用一个URL参考正确的条目在SSH配置文件。
git clone gitolite- noah:yourRepo.git
通过使用该URL,您可以设置名为 origin
:你可以在 git remote -v
中看到它。
任何使用该远程名称的命令(如git pull origin或git push origin)都将使用该ssh url,该exp是合法地引用一个特定的私人ssh密钥,它反过来将你标识为Gitolite noah
。
调试ssh最有效的方法是检查sshd如何监听服务器上的查询。
由于它是一个debian( 按照讨论):
$ b在服务器上$ b
-
/ usr / sbin / sshd -d -D -p 222
- $ b
$ >(注意使用专用端口的技巧,这样,不需要停止实际的sshd:它只是一个特殊端口上的一次性会话,仅用于调试目的)
我们很快就看到了一个
无法打开授权密钥'/home/git/.ssh/authorized_keys':Permission denied
其中符合:
root @ server:/#ls -lato〜git /
drw ------- 2 git 4096 Apr 19 14:57 .ssh
A
chmod 700〜git / .ssh
修正了这种情况。I've set up gitolite on a remote machine and configured it from my local. I didn't want to have my activity shown as "admin" and created the user and key "noah". After creating a repo for "noah", I was denied access. I believe because I was still "admin".
So I have two accounts on one machine. How do I switch?
Thanks
UPDATE:
Here is my local ~/.ssh/config/:
#noah account Host git-noah HostName remote User git IdentityFile ~/.ssh/noah</code>
command on local:
git clone git-noah@remote-ip:reponame
authorized_keys on remote:
command="/usr/share/gitolite/gl-auth-command noah",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa ...
If it matters, I'm on a Mac. I've also done
ssh-add -K ~/.ssh/noah
UPDATE 2:
Here is auth.log:
server sshd[2834]: Invalid user git-noah from localip server sshd[2834]: input_userauth_request: invalid user git-noah [preauth]
Here's the local permissions:
drwx------+ 13 noah 442 19 Apr 14:47 .ssh
Remote permissions:
-rwx------ 1 git 1067 Apr 19 14:57 authorized_keys drw------- 2 git 4096 Apr 19 14:57 .ssh
解决方案If you are using those tow accounts with different ssh keys (as described in "How do programs like gitolite work?"), the way you switch is by using an ssh url which instructs ssh to look for noah's key (instead of admin's key).
For that, you need an ssh config file (in your
HOME/.ssh/config
), as I detailed in "How to use specified key when working with github via portablegit?":#admin account Host gitolite-admin HostName yourGitoliteServer User git IdentityFile ~/.ssh/id_rsa_admin #noah account Host gitolite-noah HostName yourGitoliteServer User git IdentityFile ~/.ssh/id_rsa_noah
To clone your repo made for noah, you would use an url which reference the right entry in the ssh config file.
git clone gitolite-noah:yourRepo.git
By using that url, you are setting a remote named
origin
: you can see it withgit remote -v
.That means any command using that remote name (like git pull origin or git push origin) will use that ssh url, which explicitly refers to a specific private ssh key, which in turn identifies you to Gitolite as
noah
.
The most effective way to debug ssh is by checking how the sshd listen to the query on the server.
Since it is a debian (as per out discussion):
/usr/sbin/sshd -d -D -p 222
on the server,ssh -p 222 -Tv git-noah
on the client
(note the trick of using a dedicated port, that way, no need to stop the actual sshd: it is a one-time session on a special port for debug purpose only)
We quickly saw a
Could not open authorized keys '/home/git/.ssh/authorized_keys': Permission denied
Which is consistent with:
root@server:/# ls -lato ~git/ drw------- 2 git 4096 Apr 19 14:57 .ssh
A
chmod 700 ~git/.ssh
fixed the situation.这篇关于一台机器上有多个gitolite用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!