stackoom
  简体   繁体   中英

Best practice for using git private key on a public server with a shared user

 原文  2014-12-17 00:40:56       git/ ssh/ private-key/ assembla

Question

I Currently use some servers to do some benchmarks. I need to log into multiple servers and git clone ... from assembla.

Currently I copy my private key to the server and then update the .ssh/config file. Although I share this user and server with other people to do their benchmarks. What is the best practice for this(without creating a new user for everyone on the server). Is there anyway I can use ssh-add key then use git on the server and pull the repo without storing the key on the server?

1 answers

solution1
 1 ACCPTED  2014-12-17 10:57:59

Enable SSH agent forwarding

Since you're using key-based authentication, the best solution is to allow forwarding of the authentication agent connection over the secure channel . If your public key is stored on the last server, there's no need to store your corresponding private key on the intermediate host.

Since the default client setting is not to forward the authentication agent to the remote host, you should enable agent forwarding in your client configuration. Add the following line to your ~/.ssh/config : 

Host intermediate.server.name
    ForwardAgent yes

On the server, the default is to enable Agent Forwarding but in case it has been disabled, you should ensure that the following line is uncommented in the server's SSHD configuration (usually /etc/sshd_config ). 

AllowAgentForwarding yes

GitHub have a good article on Using SSH agent forwarding which references Steve Friedl's comprehensive Guide to SSH Agent Forwarding .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Using public git repositories on private git server SSH using git - private and public key Pushing to TFS git using public/private key Branch a public git repository, on a private git server Is it possible to give public access to a private GIT server? git squash commits for public server, but keep detailed commits for private server git push with ssh to server , public key error Best practice using and merging external Git repositories Permission denied on git clone of my own private repo on a remote server - even though I added a new public key and all What is the best way to setup a git server[using gitlab] where the repository is under public_html?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM