My ssh
configuration inside /root/.ssh/config
:
Host *
IdentityFile /root/.ssh/id_rsa_api
IdentityFile /root/.ssh/id_rsa_ui
I use these keys to be able to clone GitHub repositories. However, only the first IdentityFile
(API) works. For the second, it says Repository not found
as I start cloning. When I swap the configuration like:
Host *
IdentityFile /root/.ssh/id_rsa_ui
IdentityFile /root/.ssh/id_rsa_api
This way I can clone the UI, but not the API. As a consequence, I see that the keys are correct, but the second IdentityFile is always ignored. What could the problem be?
I cannot use ssh-add because I configure ssh
inside a Dockerfile and ssh-agent is not running when the container is build.
Do you have any other keys besides the two you've listed in the question? The OpenSSH server sshd
will drop a client after too many failed authentication attempts. If you have enough keys, your client may be trying all of them and being dropped before it gets through all of the keys you've listed. Running ssh
with the -v
parameter will show which keys ssh tries to use to authenticate.
The sshd_config parameter MaxAuthTries
determines how many times a client can attempt to authenticate. The default is 6.
If this is the problem, you may be able to avoid it by setting the ssh_config parameter IdentitiesOnly
. This prevents your client from using identities that didn't come from the ssh configuration files. Another thing to consider is to use more specific Host
or Match
directives, so you only apply a key to the specific hosts where the key should be used.
https://developer.github.com/guides/managing-deploy-keys/#deploy-keys
Deploy keys only grant access to a single repository. More complex projects may have many repositories to pull to the same server
So I dropped using deploy keys. Instead I created an ssh key that allows access to all of my private repositories. This way I have a single IdentityFile.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.