堆栈内存溢出
  简体   繁体   English

Gitolite git clone需要ssh密码

[英]Gitolite git clone requires ssh password

 原文  2012-09-17 21:23:05       git/ ssh/ github/ gitolite

问题描述

using Gitolite on a Ubuntu server. 在Ubuntu服务器上使用Gitolite。 Have a project im working on that i need a particular syntax for the git command. 有一个项目即时通讯正在工作,我需要git命令的特定语法。

Works great: 效果很好: 

git clone gitolite@servername:testing.git

Asks for a password 要求输入密码 

git clone ssh://gitolite@servername/home/gitolite/repositories/testing.git

Ran from the same box, one after another. 从同一个盒子跑,一个又一个。 I can put in the password and it works. 我可以输入密码,它可以正常工作。 But I need to automatically work. 但是我需要自动工作。 Sounds like a problem with ssh pub/private keys. 听起来像是ssh pub /私有密钥的问题。 Any ideas? 有任何想法吗?

Update : Was a problem with file permissions. 更新 :文件权限存在问题。 Not sure the difference between the too commands. 不确定too命令之间的区别。 But the /var/log/auth.log showed some errors 但是/var/log/auth.log显示了一些错误

3 个解决方案

解决方案1
 5 已采纳  2012-09-17 21:28:40

You need to setup ~gitolite/.ssh/authorized_keys with a line like 您需要使用以下行来设置〜gitolite / .ssh / authorized_keys 

command="/home/gitolite/bin/gl-auth-command <USERNAME>",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAA...KEY.HERE...ZZZZ== user@label

A random URL with info relating to this (see the bottom of the page) 带有相关信息的随机URL(请参阅页面底部)

http://www.geekgumbo.com/2011/10/18/ssh-and-the-gitolite-installation-part-2/ http://www.geekgumbo.com/2011/10/18/ssh-and-the-gitolite-installation-part-2/

Ensure to change ownership of ~gitolite/.ssh/authorized_keys as per SSH requirements with: 确保根据SSH要求更改〜gitolite / .ssh / authorized_keys的所有权,方法是: 

chown gitolite: ~gitolite/.ssh/authorized_keys
chmod go-w ~gitolite/.ssh/authorized_keys

EDIT: to reflect your edits changing 'git' to 'gitolite' system username. 编辑:反映您的更改,将'git'更改为'gitolite'系统用户名。

Test your access from the client with: 使用以下方法测试来自客户端的访问权限: 

ssh -l gitolite -i <file_id_rsa_foobar> -v -o PasswordAuthentication=no -T <host>

Added -T seems needed on my local system to get banner (typed in excuse mistakes): 在我的本地系统上似乎需要添加-T来获得标题(键入借口错误): 

....
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/username/.ssh/id_rsa_foobar
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering DSA public key: /home/username/.ssh/id_dsa_foobar
debug1: Remote: Forced command: /home/gitolite/bin/gl-auth/command <username>
....
hello <username> this is gitolite vX.X.XX-g0123abcd running on git X.X.X
the gitolite config gives you the following access:
    R   W    mydir/project1
....

解决方案2
 0  2012-09-17 21:31:11

If the first version works, that means the public keys have been published under the account named ' gitolite ': ~gitolite/.ssh/authorized_keys . 如果第一个版本有效,则意味着公钥已在名为“ gitolite ”的帐户下发布: ~gitolite/.ssh/authorized_keys

The permission issue you have encountered is described here: " Creating SSH keys for Gerrit and Hudson ": note that all the parent directories of a .ssh shouldn't have write permission for group or other: /home , /home/yourUser , /home/yourUser/.ssh . 您遇到的权限问题在这里进行描述:“ 为Gerrit和Hudson创建SSH密钥 ”:请注意,.ssh的所有父目录都不应具有对group或其他权限的写许可权: /home/home/yourUser/home/yourUser/.ssh

Plus, you shouldn't ever clone a gitolite repo with the full path of the repo: servername/home/gitolite/repositories/testing.git is wrong (and would by-pass gitolite completely). 另外,您永远都不应使用回购的完整路径克隆一个gitolite回购: servername/home/gitolite/repositories/testing.git是错误的(并且会完全绕过gitolite)。
servername:testing.git is right. servername:testing.git是正确的。

From the gitolite V2 doc : gitolite V2文件

The following problem(s) indicate that your pubkey is bypassing gitolite and going straight to a shell 以下问题表明您的公钥绕过gitolite并直接进入外壳

running git clone git@server:repositories/reponame (note presence of repositories/ in URL) works. 运行git clone git@server:repositories/reponame (注意URL中存在repositories/ )有效。

[A proper gitolite key will only let you git clone git@server:reponame (note absence of repositories/ )] [正确的gitolite密钥只能让您gi​​t clone git@server:reponame (注意没有repositories/ )]

解决方案3
 0  2013-10-16 09:12:49

还要尝试的另一件事:如果服务器上的sshd使用AllowGroups,请检查git-user是否包含在这些组之一中。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Gitolite在localhost上要求git ssh密码 - Gitolite asking for git ssh password on localhost 如何在受SSH保护的Gitolite服务器上使用git clone - How to use git clone with ssh protected gitolite server Gitolite git clone错误 - Gitolite git clone error gitolite git clone ssh://可以,但是git clone git://不适用于少数目录 - gitolite git clone ssh:// works but git clone git:// doesn't for few directories git clone (ssh) 时启用密码提示 - enable password prompt when git clone (ssh) gitlab: git clone ssh 仍然提示输入密码,ssh -T 正在工作 - gitlab: git clone ssh still prompts for password, ssh -T is working git clone需要ssh:// protocol,或许它不应该? - git clone requires ssh:// protocol when perhaps it shouldn't? Git提示我输入gitolite密码 - Git is prompting me for gitolite password Gitolite:git 克隆完成后打印消息 - Gitolite: print message after git clone finished gitolite / git clone不会覆盖以前的版本 - gitolite/git clone no overwriting previous version
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM