如何为每个git存储库管理一个唯一的密钥? [英] How to manage one only key per each git repository?
问题描述
我在两种情况下使用git:
- 我使用一些 Github 存储库。 b $ b
- 目前我正在使用OpenShift,它使用 ssh 和 git 进行部署。
$ b首先,我使用
ssh-keygen来生成在OpenShift站点更新的密钥。这样的密钥存储在〜/ .ssh /并创建id_rsa和id_rsa.pub。
然后我开始从Github克隆一个仓库,我曾经做过ssh-keygen再次开始推送,它工作正常。然后我克隆了另一个存储库并开始遇到问题:
克隆到第二个存储库时出现问题。每次尝试推送时都会显示如下内容:
错误:diegoaguilar / cursoJava.git的权限被拒绝diegoaguilar / cursoCannibalCreatures。
致命:远程终端意外挂断
但是可以看到
diegoaguilar / cursoCannibalCreatures不正确,因为它是 另一个 存储库。
我甚至尝试删除这样的版本库目录,并再次克隆它,发生同样的事情。
我已经得到
〜/ .ssh:
config:主机cursoJava
主机名github.com
用户git
IdentityFile〜/ .ssh / id_java
主机cursoCannibalCreatures
主机名github.com
用户git
IdentityFile〜/ .ssh / id_cannibal
主机openshift
主机名openshift.com
User git
IdentityFile〜/ .ssh / openshift
所以得到:
id_cannibal id_cannibal.pub id_java id_java.pub known_hosts
类似于
id_openshif t 和id_openshift.pub不存在,但由于它不起作用,我现在不在乎。
我创建了这样的文件,它们是
.pubbyssh-keygen -f< filename>并给每个不同的密码短语。我在每个Github存储库设置中添加了.pub的部署密钥的内容。
我是什么做错了?这应该如何工作?而且,在另一台机器上工作时,如何正确获取这些密钥,证明它是我的并透明地工作?
编辑
git remote -v:
- 对于cursoJava存储库
origin git@github.com:diegoaguilar / cursoJava.git(fetch)
origin git@github.com:diegoaguilar / cursoJava.git(push)
- 对于cursoCannibalCreatures
原点git@github.com:diegoaguilar / cursoCannibalCreatures.git(fetch)
origin git@github.com:diegoaguilar / cursoCannibalCreatures.git(推送)
,诀窍是不要为你的public:private keys使用默认的id_rsa(.pub)名称(因为yo只能定义其中一个),但是名称不同。 b
$ b
但是,只有当您以不同的用户访问这些回购
时, e,您正在通过同一用户访问回购站,并且一个ssh密钥就足够了。请参阅 GitHub帮助 :
此错误表示您推送的密钥作为部署密钥附加到另一个存储库,并且无法访问您要尝试推送的存储库。
要解决此问题,请从存储库中除去部署密钥,然后 将密钥附加到您的用户帐户 。
这是为两个不同用户使用GitHub。
然后,您可以定义一个〜/ .ssh / config 文件,您可以在其中按照完整路径引用每个私钥:
主机github1
主机名github.com
用户git
IdentityFile〜/ .ssh / id_repo1
主机github2
主机名github。 com
User git
IdentityFile〜/ .ssh / id_repo2
git@gihub.com:user / repo1 ,您可以使用:
github1:user / repo1
使用键主机入口' github1 '来引用用户( git ),主机名( github .com )以及使用〜/ .ssh / id_repo1(.pub)
的确切私钥/公钥
因此,如果您有第二个使用存储为〜/ .ssh / id_repo2(.pub)的密钥的repo, code>,你需要使用上面定义的条目' github2 '(你可以按照你的意思命名),然后更改你对原点的URL:
git remote set-url origin github2:user / repo2
这样,a git push 将使用正确的键( repo2 )
如果您不这样做,您将能够推送一个回购(使用默认键〜/ .ssh / id_rsa(.pub),默认名称),但您无法推送到第二个需要一组不同的公钥/私钥的repo。
I use git under two scenarios:
- I use some Github repositories.
- I'm currently working with OpenShift, which uses ssh and git for deployment.
First, I used ssh-keygen for generating a key which updated at OpenShift site. Such key is stored at ~/.ssh/ and created id_rsa and id_rsa.pub.
Then I started cloning a repository from Github, I once did ssh-keygen again and started pushing, it worked ok. Then I cloned another repository and started having problems:
I got problems when cloning to the second repository. Every time I try to push will show something like:
ERROR: Permission to diegoaguilar/cursoJava.git denied to diegoaguilar/cursoCannibalCreatures. fatal: The remote end hung up unexpectedly
But as it can be seen diegoaguilar/cursoCannibalCreatures isn't correct as it's another repository.
I even tried removing such repository directory, and cloning it again, same happened.
I already got under ~/.ssh:
config:
Host cursoJava
Hostname github.com
User git
IdentityFile ~/.ssh/id_java
Host cursoCannibalCreatures
Hostname github.com
User git
IdentityFile ~/.ssh/id_cannibal
Host openshift
Hostname openshift.com
User git
IdentityFile ~/.ssh/openshift
And so got:
id_cannibal id_cannibal.pub id_java id_java.pub known_hosts
Something like id_openshift and id_openshift.pub isn't there but as it's not working, I don't care much now.
I created such files and they're .pub by ssh-keygen -f <filename> and gave different pass phrases to each. I added the content of the .pub's as deploy keys at each Github repository settings.
What am I doing wrong? How is this supposed to work? And, when working at another machine, how to properly obtain these keys, proof it's me and work transparently?
EDIT
Output of git remote -v:
- For cursoJava repository
origin git@github.com:diegoaguilar/cursoJava.git (fetch)
origin git@github.com:diegoaguilar/cursoJava.git (push)
- For cursoCannibalCreatures
origin git@github.com:diegoaguilar/cursoCannibalCreatures.git (fetch)
origin git@github.com:diegoaguilar/cursoCannibalCreatures.git (push)
As mentioned in "ssh,github,it doesnot work", the trick is to not use the default id_rsa(.pub) names for your public:private keys (because yo can only define one couple of those), but different names.
But that would be only if you were to access those repos as different users
In your case, you are accessing the repos with the same users, and one ssh key should be enough.
See "GitHub help":
This error means the key you are pushing with is attached to another repository as a deploy key, and does not have access to the repository you are trying to push to.
To remedy this, remove the deploy key from the repository, and attach the key to your user account instead.
This is for using GitHub for two different users.
You then define a ~/.ssh/config file in which you reference each private keys by their full path:
Host github1
HostName github.com
User git
IdentityFile ~/.ssh/id_repo1
Host github2
HostName github.com
User git
IdentityFile ~/.ssh/id_repo2
Instead of using git@gihub.com:user/repo1, you would use:
github1:user/repo1
That uses the key Host entry 'github1' to reference the user (git), hostname (github.com) and the exact private/public key to use ~/.ssh/id_repo1(.pub)
So if you have a second repo which use a second key stored as ~/.ssh/id_repo2(.pub), you need to use the entry 'github2' (you can name it as you want) defined above, and then change the url you have for origin:
git remote set-url origin github2:user/repo2
That way, a git push will use the right key (the one for the repo2)
If you don't, you will be able to push for one repo (using the default key ~/.ssh/id_rsa(.pub), default name), but you won't be able to push to the second repo, which need a different set of public/private key.
这篇关于如何为每个git存储库管理一个唯一的密钥?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
