[英]Authorizing to my git server with `.ssh/authorized_keys` does not work
I setup a git server 2.30.2 on my NAS with debian bullseye.我用 debian bullseye 在我的 NAS 上设置了一个 git server 2.30.2。
User is git
with home directory /media/nas/programming/git_repos/
and shell /bin/bash
.用户是
git
主目录/media/nas/programming/git_repos/
和 shell /bin/bash
。
home directory and all of its subdirectories/files are owned by git:git
.主目录及其所有子目录/文件都归
git:git
所有。
home directory has 770
permissions and directory .ssh
inside home directory has 700
permissions.主目录具有
770
权限,主目录内的目录.ssh
具有700
权限。
I create a private/public key with command ssh-keygen -t ed25519 -C mymail@gmail.com
(or on second try ssh-keygen -t rsa -C mymail@gmail.com
).我使用命令
ssh-keygen -t ed25519 -C mymail@gmail.com
创建私钥/公钥(或第二次尝试ssh-keygen -t rsa -C mymail@gmail.com
)。
Public key becomes /media/nas/programming/git_repos/.ssh/authorized_keys
( git:git
ownership, 400 permissions) and private key becomes c:/Users/<username>/.ssh/id_ed25519
(or on second try c:/Users/<username>/.ssh/id_rsa
) on Windows PC.公钥变为
/media/nas/programming/git_repos/.ssh/authorized_keys
所有权,400 权限),私钥变为 c git:git
c:/Users/<username>/.ssh/id_ed25519
(或第二次尝试c:/Users/<username>/.ssh/id_rsa
Windows PC 上的c:/Users/<username>/.ssh/id_rsa
)。
On /etc/ssh/sshd_config
I have a line AllowUsers root git...
在
/etc/ssh/sshd_config
我有一行AllowUsers root git...
Now, with Git GUI, I am trying to connect to remote (lets say fetch) with url url = git@10.0.0.2:my_project
.现在,使用 Git GUI,我正在尝试使用 url
url = git@10.0.0.2:my_project
连接到远程(比如说获取)。
Initially it asks for password to decrypt id_ed25519
(or on second try id_rsa
).最初它要求密码解密
id_ed25519
(或第二次尝试id_rsa
)。
Then it asks for password for git@10.0.0.2
which means Git server does not count at all the .ssh/authorized_keys
.然后它要求
git@10.0.0.2
的密码,这意味着 Git 服务器根本不计算.ssh/authorized_keys
。
What I am doing wrong here?我在这里做错了什么?
update ssh -Tv git@10.0.0.2
does not say so much: update
ssh -Tv git@10.0.0.2
就不多说了:
....
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: C:\\Users\\chameleon/.ssh/id_rsa
debug1: Trying private key: C:\\Users\\chameleon/.ssh/id_dsa
debug1: Trying private key: C:\\Users\\chameleon/.ssh/id_ecdsa
debug1: Trying private key: C:\\Users\\chameleon/.ssh/id_ed25519
debug1: read_passphrase: can't open /dev/tty: No such file or directory
Enter passphrase for key 'C:\Users\chameleon/.ssh/id_ed25519': <---- Here I give the password
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: C:\\Users\\chameleon/.ssh/id_xmss
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such file or directory
git@10.0.0.2's password: <---- Here I give the password. After that, connection established.
Make sure you have the right permission on the remote side (NAS ~git): if anything if writable by "others", SSH will not consider the authorized_keys
file.确保您在远程端 (NAS ~git) 具有正确的权限:如果“其他人”可以写入任何内容,SSH 将不会考虑
authorized_keys
文件。
Then test your connection with ssh -Tv git@10.0.0.2
and confirm your c:/Users/<username>/.ssh/id_ed25519
is considered and proposed.然后使用
ssh -Tv git@10.0.0.2
测试您的连接并确认您的c:/Users/<username>/.ssh/id_ed25519
已被考虑和建议。
If it is, consider launching an sshd in debug mode on your NAS to see if any error message pops up during your ssh -Tv
test command.如果是,请考虑在 NAS 上以调试模式启动 sshd,以查看在执行
ssh -Tv
测试命令期间是否弹出任何错误消息。
Answer to my question:回答我的问题:
Fast: Change permissions of git
home folder from 770
to 750
.快速:将
git
主文件夹的权限从770
更改为750
。
Bloated:臃肿:
As @VonC says above, I start a new sshd
instance in port 12345
with debug 3
mode:正如@VonC 上面所说,我在端口
12345
中使用调试3
模式启动了一个新的sshd
实例:
sshd -p 12345 -ddd
Then I replace my remote repository link inside MyProjectFolder/.git/config
, from:然后我将
MyProjectFolder/.git/config
中的远程存储库链接替换为:
[remote "MyNAS"]
url = ssh://git@10.0.0.2:my_project
to到
[remote "MyNAS"]
url = ssh://git@10.0.0.2:12345/~/my_project
and I try a fetch
.然后我尝试
fetch
。
sshd
instance respond that git
home folder does not have properly ownership and/or permissions. sshd
实例响应git
主文件夹没有正确的所有权和/或权限。
I change git
home folder from 770
to 750
and now it works.我将
git
主文件夹从770
更改为750
,现在可以使用了。
PS: group writing set, because I user
belong to git
group and I was feeling that write access to git repo is a handy permission. PS:组写集,因为我的
user
属于git
组,我觉得对git repo的写权限是一个方便的权限。 Never mind.没关系。 It is not so useful.
它不是那么有用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.