我刚刚开始使用git,我不能让它记住我的密码,我使用cmd.exe提升,我的git主机是github,我已经创建了一个ssh密钥,就像github上的指南
但我还是得到了
*\subnus.mvc>git push origin master
Enter passphrase for key '/c/Users/Subnus/.ssh/id_rsa':
我刚刚开始使用git,我不能让它记住我的密码,我使用cmd.exe提升,我的git主机是github,我已经创建了一个ssh密钥,就像github上的指南
但我还是得到了
*\subnus.mvc>git push origin master
Enter passphrase for key '/c/Users/Subnus/.ssh/id_rsa':
如果您为密钥文件设置了密码,则在连接时始终需要输入该密码。如果你创建了一个无密码密钥,那么你就不必每次都输入它,但是,任何访问你的密钥文件的人现在都可以连接到你的github帐户。
Ssh-agent也可以工作。试着运行它,看看它是否会记住你的密码。
对于任何需要更详细说明的人,请参阅本页: https://docs.github.com/authentication/connecting-to-github-with-ssh/working-with-ssh-key-passphrases
[编辑-误读问题,这是一个相关问题的答案。为后人留下改写的版本]
我的案例是,我试图推动一个托管在我们的服务器上的回购。每当我尝试做一个推,git会问我我的密码(nb -密码,不是我的私钥的密码短语)。
通过将我的公钥添加到服务器上的授权密钥,我能够获得无密码推送到该服务器。而且,因为我的私钥上没有密码(顺便说一句,这是糟糕的做法!)我根本不需要输入任何东西。
下面是向服务器添加公钥的命令。它假设用户git是服务器上的用户。
cat .ssh/id_rsa.pub | ssh git@GIT_MASTER_IP 'cat >> .ssh/authorized_keys'
您可以通过登录到服务器,并手动将公钥附加到~/.ssh/authorized_keys文件中来实现相同的功能
我意识到这个问题在两年前就出现了,但我也有同样的问题,这里的几个答案并没有完全回答我的问题。以下是三个分步解决方案,具体取决于您是否使用TortoiseGit和msysgit。
第一种方案以Windows、msysgit、PuTTY为例。
Install msysgit and PuTTY as instructed. (Optional) Add PuTTY to your path. (If you do not do this, then any references to PuTTY commands below must be prefixed with the full path to the appropriate executable.) If you have not done so already, then generate a key hash as instructed at GitHub or as instructed by your Git host. Again, if you have not already done so, convert your key for use with PuTTY's pageant.exe using puttygen.exe. Instructions are in PuTTY's documentation, in this helpful guide, and several other places in cyberspace. Run PuTTY's pageant.exe, open your .ppk file ("Add Key"), and provide your passphrase for your key. Access Windows' environment variables dialog (Right-click on "Computer", Click on "Properties", Click on "Advanced system settings" or the "Advanced" tab, click on "Environment Variables"). Add the following environment variable: GIT_SSH=C:\full\path\to\plink.exe Replace "C:\full\path\to" with the full installation path to PuTTY, where plink.exe is found. It is probably best to add it to the "User variables" section. Also, make sure that the path you use to plink.exe matches the path you use for Pageant (pageant.exe). In some cases, you may have several installations of PuTTY because it might be installed along with other applications. Using plink.exe from one installation and pageant.exe from another will likely cause you trouble. Open a command prompt. If you are trying to connect to a git repository hosted at Github.com then run the following command: plink.exe git@github.com If the git repository you are trying to connect to is hosted somewhere else, then replace git@github.com with an appropriate user name and URL. (Assuming Github) You should be informed that the server's host key is not cached, and asked if you trust it. Answer with a y. This will add the server's host key to PuTTY's list of known hosts. Without this step, git commands will not work properly. After hitting enter, Github informs you that Github does not provide shell access. That's fine...we don't need it. (If you are connecting to some other host, and it gives you shell access, it is probably best to terminate the link without doing anything else.) All done! Git commands should now work from the command line. You may want to have pageant.exe load your .ppk file automatically at boot time, depending on how often you'll be needing it.
第二种方案假设Windows、msysgit和TortoiseGit。
TortoiseGit附带了PuTTY可执行文件和一个经过特别修改的plink版本(称为TortoisePlink.exe),这将使事情变得更简单。
Install msysgit and TortoiseGit as instructed. If you have not done so already, then generate a key hash as instructed at GitHub or as instructed by your Git host. Again, if you have not already done so, convert your key for use with TortoiseGit's pageant.exe using TortoiseGit's puttygen.exe. Instructions are in PuTTY's documentation, in the helpful guide linked to in the first solution, and in several other places in cyberspace. Run TortoiseGit's pageant.exe, open your .ppk file ("Add Key") and provide your passphrase for your key. Access Windows' environment variables dialog (Right-click on "Computer", Click on "Properties", Click on "Advanced system settings" or the "Advanced" tab, click on "Environment Variables"). Add the following environment variable: GIT_SSH=C:\full\path\to\TortoisePlink.exe Replace "C:\full\path\to" with the full installation path to TortoiseGit, where TortoisePlink.exe is found. It is probably best to add it to the "User variables" section. Also, make sure that the path you use to TortoisePlink.exe matches the path you use for Pageant (pageant.exe). In some cases, you may have several installations of PuTTY because it might be installed along with other applications. Using TortoisePlink.exe from the TortoiseGit installation and pageant.exe from another installation of a different application (or from a standalone PuTTY installation) will likely cause you trouble. All done! Git commands should now work from the command line. The first time you try to connect to your git repository you will probably be informed that the server's host key is not cached, and asks if you trust the server. Click on "Yes". (This is TortoisePlink.exe in action.) You may want to have pageant.exe load your .ppk file automatically at boot time, depending on how often you'll be needing it.
第三种方案假设Windows、msysgit和本机命令提示符。
安装msysgit 确保允许在MS-DOS命令提示符上使用git 运行start-ssh-agent 输入SSH密码 全部完成!Git命令现在应该在本机命令提示符中工作。
我意识到这个问题已经拖延了好几年,但我无意中发现了这个问题,试图找到一个解决方案,我发现了一些适合所有专业水平的东西,所以我想我应该分享一下。
GitHub提供了一个非常有用的安装程序,使一切都很好很简单:https://help.github.com/articles/caching-your-github-password-in-git/
在问题发布5年8个月零6天后再做一个解决方案也不是什么坏主意。
注意:假设您使用的是windows计算机。
下载git-credential-winstore。 运行它!如果PATH环境变量中有GIT,它应该可以工作。如果没有,运行git-credential-winstore -i C:\Path\To\Git.exe。
下次尝试提交到存储库时,系统将提示您输入凭据。应该是这样。在您更改密码之前,您将不再被要求提供您的凭证。
只是为了让你知道…您的凭据存储在Windows凭据存储中
你把我的证件放在哪里? 这个应用程序只是使用现有的Windows凭据商店来保存您的凭据。您可以通过进入控制面板>用户帐户>凭证管理器并选择“Windows凭证”来查看存储的凭证。以“git:”开头的条目来自git-credential-winstore。
如果你在Windows下使用Git bash,你可以执行以下操作:
eval `ssh-agent -s`
ssh-add ~/.ssh/*_rsa
它会在第二个命令中要求传递短语,就是这样。你需要做的每一个额外的操作(曾经需要pass phrase)都不会要求你提供pass phrase(参见下面的屏幕截图中的例子):
你可以在你的用户的主目录下创建一个。bashrc文件,比如C:/Users/youruser,然后放在那里:
env=~/.ssh/agent.env
agent_load_env () { test -f "$env" && . "$env" >| /dev/null ; }
agent_start () {
(umask 077; ssh-agent >| "$env")
. "$env" >| /dev/null ; }
agent_load_env
# agent_run_state: 0=agent running w/ key; 1=agent w/o key; 2= agent not running
agent_run_state=$(ssh-add -l >| /dev/null 2>&1; echo $?)
if [ ! "$SSH_AUTH_SOCK" ] || [ $agent_run_state = 2 ]; then
agent_start
ssh-add
elif [ "$SSH_AUTH_SOCK" ] && [ $agent_run_state = 1 ]; then
ssh-add
fi
unset env
该脚本在每次bash运行后执行。因此,当git-bash启动时,您只需要输入一次密码!
某些版本的bash需要.bash_profile文件而不是.bashrc,所以以防万一克隆。bashrc:
copy .bashrc .bash_profile
让我们假设您想使用纯Git Bash解决方案,而不使用TortoiseGit或PuTTY。此外,您也不希望永久存储密码短语,因为它几乎与您在没有密码短语的情况下生成SSH密钥相同。但是您仍然需要使用一些缓存。
出于缓存目的,使用了ssh-agent进程,它包含在Git Bash发行版中。默认情况下,此进程没有启动,因此需要首先启动它。对于要缓存的任何SSH密钥,应该使用SSH -add命令将它们添加到这个进程中,该命令将提示您输入密钥的密码短语并将其存储在内存中。
其他解决方案的缺点:
Auto-launching ssh-agent like in GitHub's article asks for a passphrase right from the start when you launch Git Bash, regardless of whether you'll need to use your SSH key this session or not. If you're working with your local repo today you'll probably want to provide a passphrase only when really needed (e.g. when interacting with a remote repo). If you launch your ssh-agent like in GitLab's article with eval $(ssh-agent -s) you're probably tired of typing that in each time. Chances are, eventually, you've added those two lines to your .bashrc config to auto-launch. Downsides are the same as above plus an extra one: each time you launch a new Git Bash terminal you'll get an extra ssh-agent process (GitHub's bash script checks if that process has already started). Like the two above but especially so when you have separate SSH keys for different hosts, e.g. one for GitHub and another one for GitLab, so providing them all at once is annoying and inconvenient.
因此,这个解决方案是为那些想知道如何让Git Bash在每个Windows会话中只请求一次密码短语并且只在真正需要时才请求密码短语的人准备的。它类似于GnuPG使用default-cache-ttl提交自动签名的密码短语管理行为。
配置SSH,在需要时只使用Git Bash请求一次口令
First, we want to auto-launch the ssh-agent when starting a Git Bash shell. We'll use a modified GitHub's script for that as it checks whether the process has already started, but we don't want it to ssh-add keys right away. This script goes to your ~/.bashrc or ~/.profile or ~/.bash_profile (~ is your User's home directory like C:\Users\Username – run cd ~ and then pwd for the Git Bash to print it out): ### Start ssh-agent env=~/.ssh/agent.env agent_load_env () { test -f "$env" && . "$env" >| /dev/null ; } agent_start () { (umask 077; ssh-agent >| "$env") # use -t here for timeout . "$env" >| /dev/null ; } agent_load_env # agent_run_state: 0=agent running w/ key; 1=agent w/o key; 2= agent not running agent_run_state=$(ssh-add -l >| /dev/null 2>&1; echo $?) if [ ! "$SSH_AUTH_SOCK" ] || [ $agent_run_state = 2 ]; then agent_start fi unset env Now edit or create a ~/.ssh/config file and add an AddKeysToAgent option for each host stanza you want caching to be turned on (you can also turn it on globally by placing the directive at the beginning of the file before all the host declarations): # GitHub.com Host github.com Preferredauthentications publickey IdentityFile ~/.ssh/id_ed25519_github AddKeysToAgent yes # GitLab.com Host gitlab.com Preferredauthentications publickey IdentityFile ~/.ssh/id_ed25519_gitlab AddKeysToAgent yes From ssh config man page: If this option is set to yes and a key is loaded from a file, the key and its passphrase are added to the agent with the default lifetime, as if by ssh-add(1).
默认的最大生存期是永远,或者直到ssh-agent进程被杀死(可以从任务管理器手动杀死,也可以在PC关闭时杀死)。如果希望使用有限超时,可以使用ssh-agent的-t参数设置它。从上面的第一步更改bash脚本中的行,例如,键缓存生存时间为30分钟:
(umask 077; ssh-agent -t 30m >| "$env")
有关其他时间格式限定符,请参见这里。
窗口: 如果您从@d3r3kk开始执行步骤 如果你还有问题,那就试试这个:
窗口:
删除。bashrc文件 这个文件通常位于C:\Users\myusername
如何在Windows下正常运行SSH-Agent
现有的答案没有一个能使我满意地解决这个问题。下面是微软的建议:
以管理员权限启动powershell控制台:
按Win Win开始菜单,输入powershell,按回车键
将Windows中包含的OpenSSH添加到PATH变量中:
setx PATH "c:/Windows/System32/OpenSSH/;$Env:PATH;"
关闭powershell终端,打开一个新的。
输入以下命令,确保openssh代理作为服务在后台运行:
# enable automatic start
Get-Service ssh-agent | Set-Service -StartupType Automatic
# start it now
Start-Service ssh-agent
现在服务应该运行,你可以检查通过
Get-Service ssh-agent
将您的私钥加载到ssh-agent中,例如:
ssh-add $env:USERPROFILE/.ssh/id_rsa
来源:https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_keymanagement user-key-generation
现在您应该可以使用您的私钥,而不必每次都输入密码。