Ssh

gitlab自託管伺服器中的權限被拒絕(公鑰)

  • September 10, 2019

我想建立一個到我的 gitlab 伺服器的 ssh 連接。

gitlab 規範

通過安裝docker-compose

# ---------------------- #
#         gitlab         #
# ---------------------- #
gitlab:
 image: gitlab/gitlab-ce:latest
 restart: always
 hostname: gitlab.host.dev
 ports:
   - '801:80'
   - '4433:443'
   - '2222:22'
 volumes:
   - ./config:/etc/gitlab
   - ./logs:/var/log/gitlab
   - ./data:/var/opt/gitlab
 environment:
   GITLAB_OMNIBUS_CONFIG: |
     external_url 'http://gitlab.host.dev'
     gitlab_rails['smtp_enable'] = true
     gitlab_rails['smtp_address'] = "smtp.gmail.com"
     gitlab_rails['smtp_port'] = 587
     gitlab_rails['smtp_user_name'] = "a@gmail.com"
     gitlab_rails['smtp_password'] = "xyz"
     gitlab_rails['smtp_domain'] = "smtp.gmail.com"
     gitlab_rails['smtp_authentication'] = "login"
     gitlab_rails['smtp_enable_starttls_auto'] = true
     gitlab_rails['smtp_tls'] = false
     gitlab_rails['smtp_openssl_verify_mode'] = 'peer'

在圖像中:

cd /opt/gitlab/embedded/service/gitlab-shell/

ls -al

[...]
lrwxrwxrwx  1 root root    39 Sep  7 18:19 config.yml -> /var/opt/gitlab/gitlab-shell/config.yml
[...]

cd /var/opt/gitlab/.ssh/

ls -al

-rw-------  1 git  git  3036 Sep 10 08:30 authorized_keys
-rw-r--r--  1 git  git     0 Sep 10 08:30 authorized_keys.lock

  1. 我在 SSH Keys 設置中添加了密鑰(對於我在 gitlab 中的使用者)
ssh-rsa AAAAAAAAAAA= user@hostname
  1. test_ssh我在我的 gitlab 中創建了一個項目
  2. 我在我的電腦中創建了一個新文件夾,mkdir test_ssh然後touch test.txt
  3. git init
  4. git add .
  5. git commit -am "initial commit
  6. 添加 gitlab 遠端git remote add origin git@gitlab.dn.dev:gitlabuser/test_ssh.git
  7. git push -u origin master

錯誤

git@gitlab.helyx.dev: Permission denied (publickey).
fatal: Can not read remote depot.

Please check that you have access rights
and that the deposit exists.

Https測試

我通過 https 測試推送並且工作正常。

  1. git remote add https https://gitlab.dn.dev/user/test_ssh.git
  2. git push -u https master
To https://gitlab.dn.dev/user/test_ssh.git
  * [new branch]      master -> master

您已將容器配置為在埠 2222 上公開 ssh:

 ports:
   - '2222:22'

但是您沒有在 git 遠端 URL 中提供埠。您需要將埠 2222 添加到遠端 URL,如下所示:

git remote add origin ssh://git@gitlab.dn.dev:2222/test_ssh.git

如果沒有此埠,您將連接到伺服器本身的 SSHd,而不是 Gitlab 提供的埠。

此處列出了提供埠的其他選項。

檢查 sshd (/etc/ssh/sshd_config) 中的設置

PubkeyAuthentication yes
RSAAuthentication yes

並重新啟動 sshd

引用自:https://serverfault.com/questions/982654