I have the following use case: I would like to be able to push to git@git.company.com:gitolite-admin using the private key of user gitolite-admin, while I want to push to git@git.company.com:some_repo using 'my own' private key. AFAIK, I can't solve this using ~/.ssh/config, because the user name and server name are identical in both cases. As I mostly use my own private key, I have that defined in ~/.ssh/config for git@git.company.com. Does anyone know of a way to override the key that is used for a single git invocation?
(另外:gitolite根据键来区分谁在进行推送,所以就访问、所有权和审计而言,user@server字符串对于不同的用户是相同的,这不是问题。)
即使用户和主机是相同的,在~/.ssh/config中仍然可以区分它们。例如,如果你的配置是这样的:
Host gitolite-as-alice
HostName git.company.com
User git
IdentityFile /home/whoever/.ssh/id_rsa.alice
IdentitiesOnly yes
Host gitolite-as-bob
HostName git.company.com
User git
IdentityFile /home/whoever/.ssh/id_dsa.bob
IdentitiesOnly yes
然后在URL中使用gitolite-as-alice和gitolite-as-bob代替主机名:
git remote add alice git@gitolite-as-alice:whatever.git
git remote add bob git@gitolite-as-bob:whatever.git
Note
您希望包括IdentitiesOnly yes选项,以防止使用默认id。否则,如果您也有与默认名称匹配的id文件,它们将首先被尝试,因为与其他配置选项(遵守“first in wins”)不同,IdentityFile选项附加到要尝试的身份列表中。参见:https://serverfault.com/questions/450796/how-could-i-stop-ssh-offering-a-wrong-key/450807 # 450807
正如其他人提到的,核心。sshCommand config可以覆盖SSH密钥和其他参数。
下面是一个示例,其中有一个名为~/的替代键。Ssh /workrsa,并希望将其用于~/work下克隆的所有存储库。
在~/work下创建一个新的.gitconfig文件:
[core]
sshCommand = "ssh -i ~/.ssh/workrsa"
在全局git配置中~/。gitconfig,添加:
[includeIf "gitdir:~/work/"]
path = ~/work/.gitconfig
