我的问题是我不能从GitLab中push或fetch。但是,我可以克隆(通过HTTP或SSH)。当我试图推的时候,我得到这个错误:
权限被拒绝(publickey)致命:无法从远程存储库读取
从我看过的所有线索来看,以下是我所做的:
在我的电脑上设置一个SSH密钥,并将公钥添加到GitLab 完成了用户名和电子邮件的config -global 通过SSH和HTTP克隆,以检查它是否能解决问题 执行ssh -T git@gitlab.com命令
如果您对如何解决我的问题有任何见解,我将不胜感激。
当前回答
在我们的例子中,这不是用户/客户端的问题,而是Gitlab服务器端的问题。
我们在CentOS 7.1上运行本地Gitlab CE 12.9实例。
我们发现在服务器上,.ssh/authorized_keys文件没有正确更新。用户创建他们的SSH密钥(遵循Gitlab指南)并将其添加到Gitlab服务器,但服务器不更新authorized_keys,因此总是会导致权限拒绝错误。
一个解决方法是通过运行以下命令重建authorized_keys文件:
$ sudo gitlab-rake gitlab:shell:setup
这适用于任何在运行rake任务之前添加密钥的人。对于下一个要添加密钥的用户,必须有人再次手动运行rake任务。
一个更持久的解决方案是不使用authorized_keys文件,而是在Gitlab数据库上使用索引查找:
GitLab Shell provides a way to authorize SSH users via a fast, indexed lookup to the GitLab database. GitLab Shell uses the fingerprint of the SSH key to check whether the user is authorized to access GitLab. Add the following to your sshd_config file. This is usually located at /etc/ssh/sshd_config, but it will be /assets/sshd_config if you're using Omnibus Docker: Match User git # Apply the AuthorizedKeysCommands to the git user only AuthorizedKeysCommand /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-authorized-keys-check git %u %k AuthorizedKeysCommandUser git Match all # End match, settings apply to all users again Reload OpenSSH: # Debian or Ubuntu installations sudo service ssh reload # CentOS installations sudo service sshd reload Confirm that SSH is working by removing your user's SSH key in the UI, adding a new one, and attempting to pull a repo.
默认情况下(我们安装时的默认情况),在Admin Area > Performance Optimization设置中检查了Write to authorized_keys文件。因此,我们未选中该选项,转而使用Gitlab数据库。
在设置了索引查找并取消对Write to authorized_keys文件的检查之后,SSH访问就可以了。
其他回答
在我的案例中,它在WSL (Linux的Windows子系统)中不起作用。
当我开始WSL时,我必须
启动ssh-agent_ eval $(ssh-agent -s) 将密钥添加到ssh-agent: ssh-add ~/.ssh/id_rsa 如果有提示,请输入密码
现在连接起作用了。 我们可以使用ssh -T git@github.com进行测试
注:
weasel-pageant允许我们在WSL中重用在PuTTY pageant中加载的ssh密钥 详细解释:Git通过SSH从Windows返回Permission Denied
步骤要做,得到同样的错误,但我修复了它。 Gitlab需要ssh-rsa,所以下面是运行ssh for rsa的代码
ssh-keygen -o -t rsa -b 4096 -C "name@gmail.com"
name@gmail.com是您的gitlab帐户电子邮件
It will prompt you to enter so just hit Enter after the below code is prompt, Enter file in which to save the key (/home/yourDesktopName/.ssh/id_rsa): It will prompt again you to enter so just hit Enter after the below code is prompt, Enter passphrase (empty for no passphrase): It will prompt again for the last you to enter so just hit Enter after the below code is prompt, Enter same passphrase again: You will show your ssh-rsa generate. Login to your Gitlab account and Go to the right navbar you will get setting and in the left sidebar you will get ssh key. Enter in it. Look above the prompt asking you to enter, you will get the path of ssh-rsa. Go to your SSH folder and get the id_rsa.pub Open it and get the key and Copy Paste to the Gitlab and you are nearly to done. Check by: ssh -T git@gitlab.com You will get: Welcome to GitLab, @joy4! Done.
当你有多个git帐户,你想要不同的ssh密钥 您必须遵循生成ssh密钥的相同步骤,但请确保 你
ssh-keygen -t ed25519 -C "your-email-id@gmail.com"
输入您想要保存的路径(例如:my-pc/Desktop/.ssh/ed25519)
添加公钥到你的gitlab(如何添加ssh密钥到gitlab)
您必须使用下面的命令创建新的ssh标识
ssh-add ~/my-pc/Desktop/.ssh/ed25519
我在gitlab help中找到了解决方案。
To create a new SSH key pair:
1. Open a terminal on Linux or macOS, or Git Bash / WSL on Windows.
2. Generate a new ED25519 SSH key pair: ssh-keygen -t ed25519 -C "email@example.com"
2.1 Or, if you want to use RSA: ssh-keygen -o -t rsa -b 4096 -C "email@example.com"
3. Next, you will be prompted to input a file path to save your SSH key pair to... use the suggested path by pressing Enter
4. Once the path is decided, you will be prompted to input a password to secure your new SSH key pair. It's a best practice to use a password, but it's not required and you can skip creating it by pressing Enter twice.
5. Copy your public SSH key to the clipboard by using one of the commands below depending on your Operating System:
macOS: pbcopy < ~/.ssh/id_ed25519.pub
WSL / GNU/Linux (requires the xclip package): xclip -sel clip < ~/.ssh/id_ed25519.pub
Git Bash on Windows: cat ~/.ssh/id_ed25519.pub | clip
6. Navigating to SSH Keys and pasting your public key in the Key field
7. Click the Add key button
我希望它能帮助到你们中的一些人!
在我们的例子中,这不是用户/客户端的问题,而是Gitlab服务器端的问题。
我们在CentOS 7.1上运行本地Gitlab CE 12.9实例。
我们发现在服务器上,.ssh/authorized_keys文件没有正确更新。用户创建他们的SSH密钥(遵循Gitlab指南)并将其添加到Gitlab服务器,但服务器不更新authorized_keys,因此总是会导致权限拒绝错误。
一个解决方法是通过运行以下命令重建authorized_keys文件:
$ sudo gitlab-rake gitlab:shell:setup
这适用于任何在运行rake任务之前添加密钥的人。对于下一个要添加密钥的用户,必须有人再次手动运行rake任务。
一个更持久的解决方案是不使用authorized_keys文件,而是在Gitlab数据库上使用索引查找:
GitLab Shell provides a way to authorize SSH users via a fast, indexed lookup to the GitLab database. GitLab Shell uses the fingerprint of the SSH key to check whether the user is authorized to access GitLab. Add the following to your sshd_config file. This is usually located at /etc/ssh/sshd_config, but it will be /assets/sshd_config if you're using Omnibus Docker: Match User git # Apply the AuthorizedKeysCommands to the git user only AuthorizedKeysCommand /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-authorized-keys-check git %u %k AuthorizedKeysCommandUser git Match all # End match, settings apply to all users again Reload OpenSSH: # Debian or Ubuntu installations sudo service ssh reload # CentOS installations sudo service sshd reload Confirm that SSH is working by removing your user's SSH key in the UI, adding a new one, and attempting to pull a repo.
默认情况下(我们安装时的默认情况),在Admin Area > Performance Optimization设置中检查了Write to authorized_keys文件。因此,我们未选中该选项,转而使用Gitlab数据库。
在设置了索引查找并取消对Write to authorized_keys文件的检查之后,SSH访问就可以了。
