我已经找遍了,找不到解决方案。它工作过一次......不久前。
我正在尝试使用 git 将远程存储库克隆到我的本地 Windows 10 工作站。我已经在 VSC、git bash 中尝试过,但没有运气。我已经多次重新生成 ssh 密钥,并确保它们在我的 bitbucket 帐户中。我还让管理员验证我在 bitbucket 中有权限。我可以使用 https 进行克隆,但由于 terraform init 的模块依赖性,我也需要 ssh,因为它使用 ssh。
这是我得到的错误
Cloning into 'terraform'...
git@something.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
有关如何使 ssh 连接正常工作的任何想法?我还验证了 openssh ssh-agent 服务正在运行。
更新输出...我还是不明白
强制私钥
PS C:\Users\me> ssh -i c:\users\me\.ssh\id_rsa -Tv git@something.com -p 7999
OpenSSH_for_Windows_7.6p1, LibreSSL 2.6.4
debug1: Connecting to something.com [1.1.1.1] port 7999.
debug1: Connection established.
debug1: identity file c:\\users\\me\\.ssh\\id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file c:\\users\\me\\.ssh\\id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_7.6
debug1: Remote protocol version 2.0, remote software version APACHE-SSHD-2.4.0
debug1: no match: APACHE-SSHD-2.4.0
debug1: Authenticating to something.com:7999 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:tbUbYIJrt+P7aWKYsn09IsD+iouWjGiR6am8BaXXXXX
debug1: Host '[something.com]:7999' is known and matches the RSA host key.
debug1: Found key in C:\\Users\\me/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:bvs3ECFl7m4r8SN404IIeuiFG6AoNqfdMCFp+AYXXXX c:\\users\\me\\.ssh\\id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug1: read_passphrase: can't open /dev/tty: No such file or directory
Enter passphrase for key 'c:\users\me\.ssh\id_rsa':
debug1: Authentication succeeded (publickey).
Authenticated to something.com ([1.1.1.1]:7999).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
shell request failed on channel 0
强制公钥
PS C:\Users\aedle> ssh -i c:\users\me\.ssh\id_rsa.pub -Tv git@ssomething.com -p 7999
OpenSSH_for_Windows_7.6p1, LibreSSL 2.6.4
debug1: Connecting to something.com [1.1.1.1] port 7999.
debug1: Connection established.
debug1: identity file c:\\users\\me\\.ssh\\id_rsa.pub type 0
debug1: key_load_public: No such file or directory
debug1: identity file c:\\users\\me\\.ssh\\id_rsa.pub-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_7.6
debug1: Remote protocol version 2.0, remote software version APACHE-SSHD-2.4.0
debug1: no match: APACHE-SSHD-2.4.0
debug1: Authenticating to something.com:7999 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:tbUbYIJrt+P7aWKYsn09IsD+iouWjGiR6am8Ba9XXXX
debug1: Host '[something.com]:7999' is known and matches the RSA host key.
debug1: Found key in C:\\Users\\me/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:bvs3ECFl7m4r8SN404IIeuiFG6AoNqfdMCFp+AXXXXX c:\\users\\me\\.ssh\\id_rsa.pub
debug1: Server accepts key: pkalg ssh-rsa blen 535
Load key "c:\\users\\me\\.ssh\\id_rsa.pub": invalid format
debug1: No more authentication methods to try.
git@something.com: Permission denied (publickey).
我仍然完全迷失,因为当我回去尝试克隆时,我得到了这个:
git clone ssh://something.com:7999/ter/terraform.git
Cloning into 'terraform'...
git@something.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
总体问题是 git 的 ssh_config 无法在 ~/.ssh/id_rsa 看到我的私钥....所以我必须准确指定 C 上的位置:它是...而不是我的 git 配置更改此内容并取消注释该行后看起来像这样
Host *
# ForwardAgent no
# ForwardX11 no
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
IdentityFile c:\users\me\.ssh\id_rsa
# IdentityFile ~/.ssh/id_dsa
# IdentityFile ~/.ssh/id_ecdsa
# IdentityFile ~/.ssh/id_ed25519
# Port 7999
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
# UserKnownHostsFile ~/.ssh/known_hosts.d/%k
# Added by git-extra
答案 0 :(得分:1)
有没有办法强制并保证任何 git 命令都使用特定的 ssh 密钥?
从测试身份验证访问开始:
ssh -i C:\path\to\specific\key -Tv git@something.com
收到“欢迎”消息后,您就可以开始检查您的 GIT_SSH_COMMAND 或 ~/.ssh/config 文件,以使该密钥持久使用。
首先,创建一个不带密码的 ssh 密钥,用于测试,以便不必处理 ssh-agent(再次用于测试)
第二个 ssh -i 总是引用私钥,而不是公钥 (.pub)
第三:git clone ssh 将始终使用端口 22,而不是 7999:因此 git 命令失败也就不足为奇了。
所以:在 c:\users\me\.ssh\ 中创建一个配置文件:
Host bb
Hostname something.com
Port 7999
User git
IdentityFile c:\users\me\.ssh\id_rsa
然后将 Host bb 条目用于您的克隆:
git clone bb:ter/terraform.git