堆栈内存溢出
  简体   繁体   English

IdentityFile 在 ssh 配置中被忽略

[英]IdentityFile ignored in ssh configuration

 原文  2015-02-02 17:18:27       linux/ git/ ssh

问题描述

My ssh configuration inside /root/.ssh/config :我在/root/.ssh/config ssh配置:

Host *
  IdentityFile /root/.ssh/id_rsa_api
  IdentityFile /root/.ssh/id_rsa_ui

I use these keys to be able to clone GitHub repositories.我使用这些密钥来克隆 GitHub 存储库。 However, only the first IdentityFile (API) works.但是,只有第一个IdentityFile (API) 有效。 For the second, it says Repository not found as I start cloning.第二,当我开始克隆时,它说Repository not found When I swap the configuration like:当我交换配置时:

Host *
  IdentityFile /root/.ssh/id_rsa_ui
  IdentityFile /root/.ssh/id_rsa_api

This way I can clone the UI, but not the API.这样我可以克隆 UI,但不能克隆 API。 As a consequence, I see that the keys are correct, but the second IdentityFile is always ignored.结果,我看到密钥是正确的,但始终忽略第二个 IdentityFile。 What could the problem be?可能是什么问题?

I cannot use ssh-add because I configure ssh inside a Dockerfile and ssh-agent is not running when the container is build.我无法使用ssh-add,因为我在 Dockerfile 中配置了ssh并且在构建容器时 ssh-agent 没有运行。

2 个解决方案

解决方案1
 3  2015-02-02 18:43:15

Do you have any other keys besides the two you've listed in the question?除了您在问题中列出的两个键之外,您还有其他任何键吗? The OpenSSH server sshd will drop a client after too many failed authentication attempts. OpenSSH 服务器sshd将在多次失败的身份验证尝试后丢弃客户端。 If you have enough keys, your client may be trying all of them and being dropped before it gets through all of the keys you've listed.如果您有足够的密钥,您的客户端可能会尝试所有这些密钥,并在通过您列出的所有密钥之前被丢弃。 Running ssh with the -v parameter will show which keys ssh tries to use to authenticate.使用-v参数运行ssh将显示 ssh 尝试使用哪些密钥进行身份验证。

The sshd_config parameter MaxAuthTries determines how many times a client can attempt to authenticate. sshd_config参数MaxAuthTries确定客户端可以尝试进行身份验证的次数。 The default is 6.默认值为 6。

If this is the problem, you may be able to avoid it by setting the ssh_config parameter IdentitiesOnly .如果这是问题所在,您可以通过设置ssh_config参数IdentitiesOnly来避免它。 This prevents your client from using identities that didn't come from the ssh configuration files.这可以防止您的客户端使用不是来自 ssh 配置文件的身份。 Another thing to consider is to use more specific Host or Match directives, so you only apply a key to the specific hosts where the key should be used.要考虑的另一件事是使用更具体的HostMatch指令,因此您只需将密钥应用于应使用密钥的特定主机。

解决方案2
 1 已采纳  2015-02-03 21:27:25

https://developer.github.com/guides/managing-deploy-keys/#deploy-keys https://developer.github.com/guides/managing-deploy-keys/#deploy-keys

Deploy keys only grant access to a single repository.部署密钥仅授予对单个存储库的访问权限。 More complex projects may have many repositories to pull to the same server更复杂的项目可能有许多存储库要拉到同一个服务器

So I dropped using deploy keys.所以我放弃了使用部署密钥。 Instead I created an ssh key that allows access to all of my private repositories.相反,我创建了一个 ssh 密钥,允许访问我的所有私有存储库。 This way I have a single IdentityFile.这样我就有了一个 IdentityFile。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用IdentityFile通过SSH远程运行sudo命令? - How to run a sudo command, remotely, trough SSH, using an IdentityFile? SSH 发送具有相同配置的不同密钥 - SSH sends different keys with this same configuration ssh 不启动,配置选项错误 - ssh does not start, bad configuration option QT Creator CMake 配置问题:添加参数被忽略 - QT Creator CMake Configuration Issue: Adding parameters ignored Linux tc(流量控制)工具-配置后出现ssh连接问题 - Linux tc (traffic control) tool - problebs with ssh connection after configuration 在主机访问控制中配置后无法访问 WHM 和 SSH/root - Cannot access WHM and SSH/root after a configuration in Host Access Control Windows上Eclipse IDE的系统范围的SSH配置文件 - System-wide SSH configuration file for Eclipse IDE on Windows 如何修复我的SSH配置以在SSH代理后面使用git? - How do I fix my SSH configuration to use git behind an SSH proxy? 重击如果$? 被忽略 - Bash if $? ignored 忽略分配给静态变量 - Assignment to static variable is ignored
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM