Windows真的能自发地为git重新生成我的ssh密钥吗？

Question

For years, every time I (or anyone else in my company, it seems) tries to use git on windows, everything will work fine for awhile, until suddenly it acts like it doesn't know what an ssh key is anymore. It'll stop prompting me for it's password, and instead ask me for the git server's password instead.

ssh -v pointed me in the right direction, namely that windows DOES know about my ssh key, but it doesn't seem to be accepted by my server.

    $ ssh -v git@git.myhost.lan
OpenSSH_6.6.1, OpenSSL 1.0.1i 6 Aug 2014
debug1: Reading configuration data /c/Users/eschjen/.ssh/config
debug1: /c/Users/eschjen/.ssh/config line 1: Applying options for git.myhost
.lan
debug1: Connecting to git.myhost.lan [10.116.22.40] port 22.
debug1: Connection established.
debug1: identity file /c/Users/eschjen/.ssh/id_rsa type 1
debug1: identity file /c/Users/eschjen/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA ae:81:77:0d:1c:8e:6a:aa:a8:69:36:1b:e4:ca:33:ee
debug1: Host 'git.myhost.lan' is known and matches the RSA host key.
debug1: Found key in /c/Users/eschjen/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mi
c,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/eschjen/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mi
c,password
debug1: Next authentication method: password
git@git.myhost.lan's password:

Looking at my server, I could see that my old windows public ssh key is uploaded, but that it no longer matches the one on my machine. Uploading the new key as if it were a new computer fixes the problem completely.

Is this something that windows just does occasionally? Why on earth would my key suddenly be invalid? I generated it probably less than a year ago.

Answer 1

Windows does not reset the ssh keys by itself.

But id_rsa / id_rsa.pub are the default ssh private and public key filenames.
That means if any other app generates a new set of keys, said keys will be overwritten.

A possible workaround, in order to improve the robustness of the ssh setup, is to:

• rename your keys in in %HOME%\\.ssh :
• add in %HOME%\\.ssh\\config the full path of the private key

Something like:

Host git.myhost.lan
  HostName git.myhost.lan
  User git
  IdentityFile C/Users/<yourLogin>/.ssh/git.myhost.lan

Then try ssh -Tv git.myhost.lan (no need for git@ )

Answer 2

Another possible option is that your ssh-agent is stopped for some reason so you have to start it

How to restart ssh-agent?

// restart ssh agent
eval $(ssh-agent)

// verify that your ssh keys are added to the agent
// if you dont specify key it will use the default keys
ssh-add