英文:
Cannot push/pull GitLab when ssh from other machine
问题
我有一台用于开发的机器设置,我可以在本地从GitLab推送/拉取。当我通过SSH连接到该机器(终端或VS Code)时,所有操作都失败,并显示“Permission denied (publickey)”错误。
问题是什么,如何修复?
谢谢。
我已经检查了用户设置下的SSH密钥,开发机器和SSH连接的机器的密钥都是有效的。
根据**@Martheen**的建议
ssh git@gitlab.com -T -vvv 的输出
| 本地 | 通过SSH连接的机器 |
|---|---|
| ... | ... |
| debug1: SSH2_MSG_NEWKEYS sent | debug1: SSH2_MSG_NEWKEYS sent |
| debug1: expecting SSH2_MSG_NEWKEYS | debug1: expecting SSH2_MSG_NEWKEYS |
| debug3: receive packet: type 21 | debug3: receive packet: type 21 |
| debug1: SSH2_MSG_NEWKEYS received | debug1: SSH2_MSG_NEWKEYS received |
| debug2: set_newkeys: mode 0 | debug2: set_newkeys: mode 0 |
| debug1: rekey after 134217728 blocks | debug1: rekey after 134217728 blocks |
| debug2: key: some_user@some_place.com (0x55........), agent | |
| debug2: key: /home/xxx/.ssh/id_rsa ((nil)) | debug2: key: /home/xxx/.ssh/id_rsa ((nil)) |
| debug2: key: /home/xxx/.ssh/id_dsa ((nil)) | debug2: key: /home/xxx/.ssh/id_dsa ((nil)) |
| debug2: key: /home/xxx/.ssh/id_ecdsa ((nil)) | debug2: key: /home/xxx/.ssh/id_ecdsa ((nil)) |
| debug2: key: /home/xxx/.ssh/id_ed25519 ((nil)) | debug2: key: /home/xxx/.ssh/id_ed25519 ((nil)) |
| ... | ... |
| debug1: Offering public key: ED25519 SHA256:G+...... | debug1: Trying private key: /home/xxx/.ssh/id_rsa |
| debug3: send_pubkey_test | 未找到身份验证:... |
| ... | ... |
然后本地测试完成,SSH测试失败。
英文:
I have a machine setup for development, I can push/pull from GitLab locally. When I connect to that machine via SSH (terminal or vs code), all the actions failed with "Permission denied (publickey)."
what was the problem and how do I fix it?
thanks.
I have checked the SSH Keys under User Settings, keys from both machines (the development machine and the one SSH from) are valid.
as suggest by @Martheen
> the output of ssh git@gitlab.com -T -vvv
| local | from ssh |
|---|---|
| ... | ... |
| debug1: SSH2_MSG_NEWKEYS sent | debug1: SSH2_MSG_NEWKEYS sent |
| debug1: expecting SSH2_MSG_NEWKEYS | debug1: expecting SSH2_MSG_NEWKEYS |
| debug3: receive packet: type 21 | debug3: receive packet: type 21 |
| debug1: SSH2_MSG_NEWKEYS received | debug1: SSH2_MSG_NEWKEYS received |
| debug2: set_newkeys: mode 0 | debug2: set_newkeys: mode 0 |
| debug1: rekey after 134217728 blocks | debug1: rekey after 134217728 blocks |
| debug2: key: some_user@some_place.com (0x55........), agent | |
| debug2: key: /home/xxx/.ssh/id_rsa ((nil)) | debug2: key: /home/xxx/.ssh/id_rsa ((nil)) |
| debug2: key: /home/xxx/.ssh/id_dsa ((nil)) | debug2: key: /home/xxx/.ssh/id_dsa ((nil)) |
| debug2: key: /home/xxx/.ssh/id_ecdsa ((nil)) | debug2: key: /home/xxx/.ssh/id_ecdsa ((nil)) |
| debug2: key: /home/xxx/.ssh/id_ed25519 ((nil)) | debug2: key: /home/xxx/.ssh/id_ed25519 ((nil)) |
| ... | ... |
| debug1: Offering public key: ED25519 SHA256:G+...... | debug1: Trying private key: /home/xxx/.ssh/id_rsa |
| debug3: send_pubkey_test | no such identity: ... |
| ... | ... |
then the local finished to test and the ssh one failed.
答案1
得分: 1
在~/.ssh目录中,有一些名为some_name和some_name.pub的openssh私钥和公钥,没有任何默认名称的密钥(如id_rsa、id_dsa、id_ecdsa、id_ed25519),因此在日志中显示(nil)。
这意味着,如果任何推送/SSH连接成功(使用非标准命名的密钥),您应该有一个~/.ssh/config文件。
检查其内容是否类似于:
Host gh
Hostname gitlab.com
User git
IdentityFile ~/.ssh/some_name
如果确实有这样的条目,请检查ssh -Tv gh的输出:它应该用正确的用户进行身份验证。
使用Git远程URL gh:me/myrepo。
关于git如何使用SSH密钥以及为什么在本地工作时不需要配置文件的问题:
- 如果用于该存储库的
git remote origin是gh:me/myrepo(而不是git@gitlab.com:my/myrepo),Git与SSH将使用正确的密钥。 - 如果您的密钥具有标准名称,或者如果您还有一个
~/.ssh/config文件,它在本地工作。
英文:
> in ~/.ssh are openssh private and public keys some_name and some_name.pub, dont have any keys with default names (id_rsa, id_dsa, id_ecdsa, id_ed25519), thus the (nil) in the log.
That means, if any push/SSH connection is successful (with non-standard named keys), you should have a ~/.ssh/config file.
Check its content for something like:
Host gh
Hostname gitlab.com
User git
IdentityFile ~/.ssh/some_name
If you do have such an entry, check the output of ssh -Tv gh: it should authenticate you with the right user.
Use the Git remote URL gh:me/myrepo.
> How the git with ssh use the key and why it work locally without the config files?
- The Git with SSH will use the right key if the
git remote originused for that repository isgh:me/myrepo(notgit@gitlab.com:my/myrepo) - it is working locally if your keys have the standard name, or if you also have a
~/.ssh/configfile.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论