Ssh

為什麼 ssh 不使用配置文件中設置的身份?

  • February 19, 2021

我正在嘗試將某些 git repo 配置為使用特定的公鑰/私鑰進行身份驗證。

這是裡面 ~/.ssh/config

Host Repo
HostName bitbucket.org
User git
IdentityFile ~/.ssh/ynd
LogLevel DEBUG

這是嘗試推送回購時的日誌

debug1: Connecting to bitbucket.org [104.192.143.1] port 22.
debug1: Connection established.
debug1: identity file /Users/evgenipetrov/.ssh/ynd type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/evgenipetrov/.ssh/ynd-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version conker_1.0.315-a08d059 app-134
debug1: no match: conker_1.0.315-a08d059 app-134
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha2-256-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-sha2-256-etm@openssh.com none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /Users/evgenipetrov/.ssh/known_hosts:1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/evgenipetrov/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to bitbucket.org ([104.192.143.1]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LC_CTYPE = UTF-8
debug1: Sending command: git-receive-pack '[deleted]'
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
repository access denied.
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 3348, received 1736 bytes, in 0.4 seconds
Bytes per second: sent 9562.2, received 4958.2
debug1: Exit status 1
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

我可以看到它正在查找身份,但是當從伺服器請求公鑰身份驗證時,它沒有使用它來進行身份驗證。

我究竟做錯了什麼?為什麼 ssh 不使用配置文件中的 IdentityFile?

看起來,您的會話無法訪問指定的密鑰,並且它正在回退到預設密鑰。並且它能夠訪問 bitbucket ,但是,您無法使用此密鑰訪問儲存庫,因此請使用該預設密鑰 /Users/evgenipetrov/.ssh/id_rsa 查看儲存庫權限

還要檢查哪些 ssh-key 已載入到 ssh-agent 中,並使用 ssh-add 載入缺少的密鑰

主機需要與您使用的 ssh 或 git clone 相匹配。

所以

ssh -vv Repo

那應該使用正確的鍵。

也為了可讀性..正確間隔配置

Host Repo
  HostName bitbucket.org
  User git
  IdentityFile ~/.ssh/ynd
  LogLevel DEBUG

我也看到了這個

debug1: identity file /Users/evgenipetrov/.ssh/ynd type 1
debug1: key_load_public: No such file or directory

檢查文件是否存在

引用自:https://serverfault.com/questions/884836