Ssh
GitLab - 不接受通過 SSH 推送asksf或S_小號H密碼_______一種sķsF這r小號小號Hp一種ss在這rdasks for SSH password,適用於 HTTP 嗎?
我已經研究了這個問題的多種解決方案,包括: https://serverfault.com/questions/515395/gitlab-unable-to-push-via-ssh Gitlab not working with SSH Keys http://community.bitnami.com /t/unable-to-make-a-ssh-connection-to-gitlab-but-http-push-and-clone-are-working/14939
好的,所以…我今天剛安裝了 GitLab。我遵循了這本手冊。當我開始創建使用者時,“git”正在使用中,所以我決定使用“gitlab”。如果這是一個錯誤的決定,我可以回去嘗試看看什麼在使用“git”以及為什麼以及是否可以停止它並將其交給 GitLab。
基本上,當我推送 GitLab 時,我正在嘗試使用 SSH 地址:gitlab@git.example.com:user/repo。當我使用“git push origin master”(origin指向上述地址)時,我被要求輸入使用者“gitlab”的SSH伺服器密碼。如果我輸入它,GitLab 然後告訴我“使用者/儲存庫”似乎不是儲存庫,然後它退出。
“ssh -vvvT”的輸出是:
C:\Users\Jake>ssh -vvvT gitlab@git.redacted.com OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007 debug2: ssh_connect: needpriv 0 debug1: Connecting to git.redacted.com [redacted] port 22. debug1: Connection established. debug1: identity file /c/Users/Jake/.ssh/identity type -1 debug3: Not a RSA1 key file /c/Users/Jake/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'Proc-Type:' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'DEK-Info:' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /c/Users/Jake/.ssh/id_rsa type 1 debug3: Not a RSA1 key file /c/Users/Jake/.ssh/id_dsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'Proc-Type:' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'DEK-Info:' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /c/Users/Jake/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubu ntu-2ubuntu2 debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.6 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-g roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour1 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-c tr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh- sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hel lman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour12 8,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,ae s128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndae l-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour12 8,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,ae s128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndae l-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,um ac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hma c-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@opens sh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-1 28@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh .com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,um ac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hma c-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@opens sh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-1 28@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh .com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@openssh.com debug2: kex_parse_kexinit: none,zlib@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 119/256 debug2: bits set: 524/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /c/Users/Jake/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug3: check_host_in_hostfile: filename /c/Users/Jake/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host 'git.majornoob.com' is known and matches the RSA host key. debug1: Found key in /c/Users/Jake/.ssh/known_hosts:1 debug2: bits set: 515/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /c/Users/Jake/.ssh/identity (0x0) debug2: key: /c/Users/Jake/.ssh/id_rsa (0xa01b360) debug2: key: /c/Users/Jake/.ssh/id_dsa (0xa01b378) debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /c/Users/Jake/.ssh/identity debug3: no such identity: /c/Users/Jake/.ssh/identity debug1: Offering public key: /c/Users/Jake/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,password debug1: Offering public key: /c/Users/Jake/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,password debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password gitlab@git.redacted.com's password: C:\Users\Jake>這似乎無法讀取我的 SSH 密鑰?我不確定發生了什麼。
我使用以下命令嘗試了兩種不同的 SSH 密鑰和兩種不同的加密類型:
ssh-keygen -t rsa -C "redacted@gmail.com" ssh-keygen -t dsa -C "redacted@gmail.com"這是我嘗試使用 SSH 協議推送時的輸出:
C:\Users\Jake\Documents\Development\test>git push origin master gitlab@git.redacted.com's password: fatal: 'jake/test.git' does not appear to be a git repository fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. C:\Users\Jake\Documents\Development\test>為什麼還要輸入 SSH 密碼?我希望它使用密鑰。
密鑰在 GitLab 安裝上,這裡有一些證明:
我不確定從這裡去哪裡,或者我可以提供哪些其他資訊來更輕鬆地診斷我的問題。請幫幫我!我願意回答您提出的任何可能使您更容易解決此問題的問題。
先感謝您!
**編輯:**當我使用“ssh -vvvT gitlab@git.redacted.com”並實際輸入使用者密碼時,它會顯示 Ubuntu MOTD。我相當 200% 肯定這不應該發生。
你說的對。MOTD 不應顯示給任何使用者。Gitlab 有自己的內置 shell 來處理使用者,但該 shell 僅在使用者使用其私鑰登錄時執行,這對您不起作用。因為使用密碼以 git 身份登錄會給您帶來提示,所以您應該刪除 git 的密碼:
sudo passwd -d git然後通過執行禁用 bash 登錄
sudo vim /etc/passwd,找到 git 使用者,並在它說的最後,/bin/bash將其替換為/bin/nologin.至於密鑰,請確保您的客戶端電腦可以使用密鑰。嘗試 sshing 到本地主機。它應該要求輸入密碼。註銷,將客戶端的 ssh 密鑰添加到自身:
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys #This should not require root然後嘗試再次登錄 localhost。如果它不要求輸入密碼,您就知道您的客戶端設置正確。
如果您的客戶端沒問題,請嘗試調試伺服器。在執行此操作之前,請從螢幕截圖中刪除您的密鑰。然後,通過執行確保 Gitlab 對 /home/git/.ssh 目錄具有完全訪問權限
sudo chmod -R git /home/git/.ssh。重新添加您的密鑰,然後執行sudo cat /home/git/.ssh/authorized_keys並查看您的密鑰是否在那裡。如果這不起作用,請通過執行檢查您的 gitlab 日誌
tailf /home/git/gitlab/{LOG}.log,然後{LOG}用unicorn、application、production或替換githost,然後嘗試添加您的密鑰。*記住在做任何事情之前刪除你的密鑰。*密鑰儲存在數據庫中,應該儲存在 /home/git/.ssh/authorized_keys 中。如果它們在數據庫中,但不在文件中,您可能會遇到問題。