Gitolite:无法使用新的 ssh 密钥登录?
Gitolite: unable to login with new ssh keys?
最近我向 gitolite 管理项目添加了新的 ssh 密钥,我无法使用 ssh 密钥进行身份验证,它要求 shell 密码。
我可以使用旧密钥进行身份验证。
任何想法我都已经参考了 gitolite 页面和 ssh lint 选项。
此问题仅针对新密钥。
添加 2 个服务器日志
Old server (admin anil.golla)
==================
2016-01-08.18:24:26 2914 ssh ARGV=anil.golla SOC=git-receive-pack '/gitolite-admin' FROM=172.30.10.240
2016-01-08.18:24:26 2914 trigger,Mirroring,input,INPUT
2016-01-08.18:24:26 2914 access(gitolite-admin, anil.golla, W, 'any'),-> refs/heads/personal/anil.golla/
2016-01-08.18:24:26 2914 trigger,Writable,access_1,ACCESS_1,gitolite-admin,anil.golla,W,any,refs/heads/personal/anil.golla/
2016-01-08.18:24:26 2914 pre_git gitolite-admin anil.golla W any -> refs/heads/personal/anil.golla/
2016-01-08.18:24:26 2914 trigger,Mirroring,pre_git,PRE_GIT,gitolite-admin,anil.golla,W,any,git-receive-pack
2016-01-08.18:24:26 2914 pre_git() on refbaroda
2016-01-08.18:24:26 2914 mirror,pre_git,gitolite-admin,user=anil.golla,sender=,mode=master
2016-01-08.18:24:26 2914 system,git,shell,-c,git-receive-pack '/home/gitadmin/repositories/gitolite-admin.git'
2016-01-08.18:24:26 2914 update,gitolite-admin,anil.golla,W,refs/heads/master,3087ed57cbf373970107857a2aeca2adf3cd446f,4139b07d2ca88925fc460bba64077939a25ba688
2016-01-08.18:24:26 2914 trigger,RefexExpr,access_2,ACCESS_2,gitolite-admin,anil.golla,W,refs/heads/master,refs/heads/master,3087ed57cbf373970107857a2aeca2adf3cd446f,4139b07d2ca88925fc460bba64077939a25ba688
2016-01-08.18:24:26 2914 -> refs/heads/master
2016-01-08.18:24:26 2914 update gitolite-admin anil.golla W refs/heads/master 3087ed57cbf373970107857a2aeca2adf3cd446f 4139b07d2ca88925fc460bba64077939a25ba688
2016-01-08.18:24:27 2914 post-up,refs/heads/master
2016-01-08.18:24:27 2914 system,gitolite compile
2016-01-08.18:24:27 2914 system,gitolite trigger POST_COMPILE
2016-01-08.18:24:27 2914 system,/home/gitadmin/bin/triggers/post-compile/ssh-authkeys,POST_COMPILE
2016-01-08.18:24:29 2914 die fingerprinting failed for 'keydir/pranav.talla.pub'
2016-01-08.18:24:29 2914 system() failed,/home/gitadmin/bin/triggers/post-compile/ssh-authkeys,POST_COMPILE,-> 6400
2016-01-08.18:24:29 2914 system() failed,gitolite trigger POST_COMPILE,-> 6400
2016-01-08.18:24:29 2914 trigger,Mirroring,post_git,POST_GIT,gitolite-admin,anil.golla,W,any,git-receive-pack
2016-01-08.18:24:29 2914 post_git() on refbaroda
2016-01-08.18:24:29 2914 mirror,post_git,gitolite-admin,user=anil.golla,sender=,mode=master
2016-01-08.18:24:29 2914 END
2016-01-08.18:24:29 2914 system,/home/gitadmin/bin/commands/mirror,push,gitslave,gitolite-admin
2016-01-08.18:24:29 2914 system,/home/gitadmin/bin/commands/mirror,push,refpune,gitolite-admin
2016-01-08.18:24:29 2914 system,/home/gitadmin/bin/commands/mirror,push,refchicago,gitolite-admin
===============================================================
New Server (admin id d.deepak)
2016-01-08.18:30:18 1698 ssh ARGV=d.deepak SOC=git-receive-pack '/gitolite-admin.git' FROM=10.81.124.12
2016-01-08.18:30:18 1698 pre_git gitolite-admin d.deepak W any refs/.*
2016-01-08.18:30:18 1698 system,git,shell,-c,git-receive-pack '/home/test1/repositories/gitolite-admin.git'
2016-01-08.18:30:18 1698 update gitolite-admin d.deepak W refs/heads/master 2b1ad8f3a735926bb170f52f0a64321ef9fe5f8e 2431f8d59d9dc5ae0920736d5618365ab350f669 refs/.*
2016-01-08.18:30:18 1698 system,gitolite compile
2016-01-08.18:30:18 1698 system,gitolite trigger POST_COMPILE
2016-01-08.18:30:18 1698 system,/home/test1/gitolite/src/triggers/post-compile/ssh-authkeys,POST_COMPILE
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/triggers/post-compile/update-git-configs,POST_COMPILE
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/triggers/post-compile/update-gitweb-access-list,POST_COMPILE
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/commands/access,%,gitweb,R,any
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/commands/git-config,-r,%,gitweb\.
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/triggers/post-compile/update-git-daemon-access-list,POST_COMPILE
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/commands/access,%,daemon,R,any
2016-01-08.18:30:19 1698 END
创建 SSH 配置文件
When you have multiple identity files, create a SSH config file mechanisms to create aliases for your various identities.
You can construct a SSH config file using many parameters and different approaches.
The format for the alias entries use in this example is:
Host alias
HostName bitbucket.org
IdentityFile ~/.ssh/identity
To create a config file for two identities (workid and personalid), you would do the following:
Open a terminal window.
Edit the ~/.ssh/config file.
如果您没有配置文件,请创建一个。
为每个身份组合添加一个别名,例如:
Host workid
HostName bitbucket.org
IdentityFile ~/.ssh/workid
Host personalid
HostName bitbucket.org
IdentityFile ~/.ssh/personalid
PS
不要忘记将密钥加载到您的 gitolite 帐户。
事实证明(在 50 多条评论之后)将密钥推送到生产服务器错误:“die fingerprinting failed for”。
我在以下地方看到了这个错误:
- "
"(没有剩余磁盘 space)
"Can not add user with Gitolite (centos)": 错误的 ssh 密钥生成。
应该是:
ssh-keygen -t rsa -f "${H}/.ssh/test" -C "Gitolite Admin access (not interactive)" -q -P ""
"Getting fatal: object is corrupted when pushing to a remote repo",它指出了该错误消息的来源。
并提到OpenSSH 6.8版本中的密钥指纹格式发生了变化,您需要最新的gitolite(3.6.3+)才能应对新格式。
最近我向 gitolite 管理项目添加了新的 ssh 密钥,我无法使用 ssh 密钥进行身份验证,它要求 shell 密码。
我可以使用旧密钥进行身份验证。
任何想法我都已经参考了 gitolite 页面和 ssh lint 选项。
此问题仅针对新密钥。
添加 2 个服务器日志
Old server (admin anil.golla)
==================
2016-01-08.18:24:26 2914 ssh ARGV=anil.golla SOC=git-receive-pack '/gitolite-admin' FROM=172.30.10.240
2016-01-08.18:24:26 2914 trigger,Mirroring,input,INPUT
2016-01-08.18:24:26 2914 access(gitolite-admin, anil.golla, W, 'any'),-> refs/heads/personal/anil.golla/
2016-01-08.18:24:26 2914 trigger,Writable,access_1,ACCESS_1,gitolite-admin,anil.golla,W,any,refs/heads/personal/anil.golla/
2016-01-08.18:24:26 2914 pre_git gitolite-admin anil.golla W any -> refs/heads/personal/anil.golla/
2016-01-08.18:24:26 2914 trigger,Mirroring,pre_git,PRE_GIT,gitolite-admin,anil.golla,W,any,git-receive-pack
2016-01-08.18:24:26 2914 pre_git() on refbaroda
2016-01-08.18:24:26 2914 mirror,pre_git,gitolite-admin,user=anil.golla,sender=,mode=master
2016-01-08.18:24:26 2914 system,git,shell,-c,git-receive-pack '/home/gitadmin/repositories/gitolite-admin.git'
2016-01-08.18:24:26 2914 update,gitolite-admin,anil.golla,W,refs/heads/master,3087ed57cbf373970107857a2aeca2adf3cd446f,4139b07d2ca88925fc460bba64077939a25ba688
2016-01-08.18:24:26 2914 trigger,RefexExpr,access_2,ACCESS_2,gitolite-admin,anil.golla,W,refs/heads/master,refs/heads/master,3087ed57cbf373970107857a2aeca2adf3cd446f,4139b07d2ca88925fc460bba64077939a25ba688
2016-01-08.18:24:26 2914 -> refs/heads/master
2016-01-08.18:24:26 2914 update gitolite-admin anil.golla W refs/heads/master 3087ed57cbf373970107857a2aeca2adf3cd446f 4139b07d2ca88925fc460bba64077939a25ba688
2016-01-08.18:24:27 2914 post-up,refs/heads/master
2016-01-08.18:24:27 2914 system,gitolite compile
2016-01-08.18:24:27 2914 system,gitolite trigger POST_COMPILE
2016-01-08.18:24:27 2914 system,/home/gitadmin/bin/triggers/post-compile/ssh-authkeys,POST_COMPILE
2016-01-08.18:24:29 2914 die fingerprinting failed for 'keydir/pranav.talla.pub'
2016-01-08.18:24:29 2914 system() failed,/home/gitadmin/bin/triggers/post-compile/ssh-authkeys,POST_COMPILE,-> 6400
2016-01-08.18:24:29 2914 system() failed,gitolite trigger POST_COMPILE,-> 6400
2016-01-08.18:24:29 2914 trigger,Mirroring,post_git,POST_GIT,gitolite-admin,anil.golla,W,any,git-receive-pack
2016-01-08.18:24:29 2914 post_git() on refbaroda
2016-01-08.18:24:29 2914 mirror,post_git,gitolite-admin,user=anil.golla,sender=,mode=master
2016-01-08.18:24:29 2914 END
2016-01-08.18:24:29 2914 system,/home/gitadmin/bin/commands/mirror,push,gitslave,gitolite-admin
2016-01-08.18:24:29 2914 system,/home/gitadmin/bin/commands/mirror,push,refpune,gitolite-admin
2016-01-08.18:24:29 2914 system,/home/gitadmin/bin/commands/mirror,push,refchicago,gitolite-admin
===============================================================
New Server (admin id d.deepak)
2016-01-08.18:30:18 1698 ssh ARGV=d.deepak SOC=git-receive-pack '/gitolite-admin.git' FROM=10.81.124.12
2016-01-08.18:30:18 1698 pre_git gitolite-admin d.deepak W any refs/.*
2016-01-08.18:30:18 1698 system,git,shell,-c,git-receive-pack '/home/test1/repositories/gitolite-admin.git'
2016-01-08.18:30:18 1698 update gitolite-admin d.deepak W refs/heads/master 2b1ad8f3a735926bb170f52f0a64321ef9fe5f8e 2431f8d59d9dc5ae0920736d5618365ab350f669 refs/.*
2016-01-08.18:30:18 1698 system,gitolite compile
2016-01-08.18:30:18 1698 system,gitolite trigger POST_COMPILE
2016-01-08.18:30:18 1698 system,/home/test1/gitolite/src/triggers/post-compile/ssh-authkeys,POST_COMPILE
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/triggers/post-compile/update-git-configs,POST_COMPILE
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/triggers/post-compile/update-gitweb-access-list,POST_COMPILE
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/commands/access,%,gitweb,R,any
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/commands/git-config,-r,%,gitweb\.
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/triggers/post-compile/update-git-daemon-access-list,POST_COMPILE
2016-01-08.18:30:19 1698 system,/home/test1/gitolite/src/commands/access,%,daemon,R,any
2016-01-08.18:30:19 1698 END
创建 SSH 配置文件
When you have multiple identity files, create a SSH config file mechanisms to create aliases for your various identities.
You can construct a SSH config file using many parameters and different approaches.
The format for the alias entries use in this example is:
Host alias HostName bitbucket.org IdentityFile ~/.ssh/identityTo create a config file for two identities (workid and personalid), you would do the following:
Open a terminal window.
Edit the ~/.ssh/config file.
如果您没有配置文件,请创建一个。
为每个身份组合添加一个别名,例如:
Host workid
HostName bitbucket.org
IdentityFile ~/.ssh/workid
Host personalid
HostName bitbucket.org
IdentityFile ~/.ssh/personalid
PS
不要忘记将密钥加载到您的 gitolite 帐户。
事实证明(在 50 多条评论之后)将密钥推送到生产服务器错误:“die fingerprinting failed for”。
我在以下地方看到了这个错误:
- "
"Can not add user with Gitolite (centos)": 错误的 ssh 密钥生成。
应该是:ssh-keygen -t rsa -f "${H}/.ssh/test" -C "Gitolite Admin access (not interactive)" -q -P ""
"Getting fatal: object is corrupted when pushing to a remote repo",它指出了该错误消息的来源。
并提到OpenSSH 6.8版本中的密钥指纹格式发生了变化,您需要最新的gitolite(3.6.3+)才能应对新格式。