配置git允许cli推/拉无需密码提示 - netrc被忽略？ [英] Configure git to allow cli push/pull without password prompt - netrc ignored?

问题描述

我刚刚开始了一份合同工作，并在公司的git仓库中有一个账户。问题是，给出的密码是字母数字乱码，所以我想配置git，以便在我的Ubuntu开发框中输入更少的密码。

I've just started a contract job, and have an account at the company git repository. Problem is, the password given is alphanumeric gibberish, so I'd like to configure git to allow for password less push/pulls on my Ubuntu development box.

这样做，我创建了一个 .netrc 文件，它在 $ HOME 中具有0600权限并添加了

To do so, I've created a .netrc file with 0600 permissions in $HOME and added

machine companyserver.com
login jason
password aphanumeric_gibberish

git clone命令由

The git clone command consists of

git clone jason@git.companyserver.com:/opt/git/jason.git 

即使删除我的本地工作副本并重新复制git repo to

Even after deleting my local working copy and re-cloning the git repo to

/media/storage/code_projects/company_working_copy

我仍然会收到密码提示。

I still get prompted for the password.

基于这些条件，使用 .netrc 更少推/拉？

Based on these conditions, how can I implement a password-less push/pull using .netrc?

推荐答案

您使用克隆公司回购的网址：

The url you are using the clone the company repo:

jason@git.companyserver.com:/opt/git/jason.git

看起来像Git的SSH网址，如用于 clone url的官方Linux Kernel Git文档：

looks like an SSH url for Git, as specified at the official Linux Kernel Git documentation for clone urls:

另一种类似scp的语法也可以用于ssh协议：

An alternative scp-like syntax may also be used with the ssh protocol:

[user@]host.xz:path/to/repo.git/

您的情况：

In your case:

1. user @ is jason @ 。


2. host.xz 是 git。 > /opt/git/jason.git 。

1. user@ is jason@.
2. host.xz is git.companyserver.com.
3. /path/to/repo.git/ is /opt/git/jason.git.

您需要设置一个SSH密钥至 使用无密码推送并使用远程Git回购进行抽取。您可以在 GitHub帮助页面上找到有关生成SSH密钥的信息。

You'll need to set up an SSH key to use "password-less" push and pulls with your remote Git repo. You can find such instructions at the GitHub help page on generating SSH keys.

但是，请注意，建议您仍然使用密码加密您的私人SSH密钥，因为如果有人设法从您的计算机上窃取私钥文件，那么就像窃取您的密码一样将能够在您使用该私钥的任何SSH服务上模拟您，如：

Be warned, however, that it's recommended that you still encrypt your private SSH key with a password, because if someone manages to steal the private key file from your computer, then it's like stealing your password and they'll be able to impersonate you on any SSH service you use with that private key, as explained by GitHub on why SSH passphrases are necessary:

密码不是很密码安全，你已经知道这一点。如果你使用一个容易记住的，那么猜测或蛮力就容易了。如果你使用的是随机的，那么很难记住，因此你更倾向于写下密码。这两个都是非常糟糕的事情™。这就是为什么你使用ssh密钥。

Passwords aren't very secure, you already know this. If you use one that's easy to remember, it's easier to guess or brute-force. If you use one that's random, it's hard to remember and thus you're more inclined to write the password down. Both of these are Very Bad Things™. This is why you're using ssh keys.

但是使用不带密码的密钥基本上与在计算机上的文件中记录随机密码相同。任何访问您的驱动器的人都可以访问您使用该密钥的每个系统。这也是一件非常糟糕的事情。解决方案很明显，请添加一个密码。

But using a key without a passphrase is basically the same as writing down that random password in a file on your computer. Anyone who gains access to your drive has gained access to every system you use that key with. This is also a Very Bad Thing™. The solution is obvious, add a passphrase.

在同一篇帮助文章中，他们还解释了how在终端会话期间使用* nix实用程序 ssh-agent 自动存储您的密码短语，以便您不必每次使用时都输入密码您的私钥来发出SSH请求。

In the same help article, they also explain how to use the *nix utility ssh-agent to automatically store your passphrase during a terminal session so that you don't have to keep entering it every time you use your private key to make an SSH request.

这篇关于配置git允许cli推/拉无需密码提示 - netrc被忽略？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！