多个Git账户的SSH密钥管理

zf2sa74q  于 2023-09-29  发布在  Git
关注(0)|答案(3)|浏览(142)

我正在尝试为多个git帐户创建多个SSH密钥。目前,我有一个Github帐户和两个Gitlab帐户,我找不到跨多个git平台的多帐户指南。你能帮我吗?
关键是:

  1. id_rsa_github git用户名是demetere
  2. id_rsa_gitlab git用户名是demetere
  3. id_rsa_gitlab_identomat git用户名是demetere._
    我真的需要帮助代理和克隆和推权限。我为每个帐户生成了3个密钥,并将它们添加到帐户中,还添加到代理中。唯一剩下的是config文件,以及在克隆repos和推送时是否需要做任何特定的事情。
    另外,当我是其他用户仓库的贡献者时,我如何用正确的主机克隆它?谢谢
anhgbhbe

anhgbhbe1#

其主要思想是使用~/.ssh/config为每个帐户分配一个“Host”条目:

  1. Host ghuser1
  2. Hostname github.com
  3. User git
  4. IdentityFile ~/.ssh/key1
  5. Host gluser1
  6. Hostname gitlab.com
  7. User git
  8. IdentityFile ~/.ssh/keyg1
  9. Host gluser2
  10. Hostname gitlab.com
  11. User git
  12. IdentityFile ~/.ssh/keyg2

这意味着,对于克隆,您需要使用“Host“条目:

  1. git clone ghuser1:me/MyRepo

您还可以使用以下命令测试身份验证:

  1. ssh -Tv ghuser1
  2. ssh -Tv gluser1
  3. ssh -Tv gluser2

几个注意事项:

  • Useralwaysgit,而不是你的GitHub或GitLab帐户用户名。
  • 需要进行身份验证,以确定您的帐户是否有权访问 private 存储库(您必须是added as collaborator)。

对于公共存储库,这不太重要。

展开查看全部
eh57zj3b

eh57zj3b2#

VonC已经回答了主要问题。通过在~/.ssh/config中将git origin设置为别名,您可以告诉每个存储库使用特定的键。
您仍然需要在任何时候进行推送时将这些密钥加载到ssh-agent中。您可以使用这个bash脚本自动执行此操作。它加载以id_rsa开头的所有ssh键。有关设置和使用方法,请参见文件中的文档。
注意,这个ssh-agent只在从CLI使用git时才起作用。您使用的任何IDE都有自己的方法来通过SSH进行身份验证。

  1. : ' DOCUMENTATION
  2. This file describes and implements authenticating with git over ssh using the cli.
  3. USAGE
  4. Run this as a one-off with
  5. $ source start-ssh-agent
  6. If you call this script without `source` the ssh-agent will be lost in the child process.
  7. To automatically authenticate in every new shell:
  8. 1. Save this file to `~/.ssh/start-ssh-agent`
  9. 2. Find your shell's rc file
  10. Each shell has its own rc file:
  11. * bash: ~/.bashrc
  12. * zsh: ~/.zshrc
  13. * general: ~/.$(basename $SHELL)rc
  14. 3. To your rc file, add the line `. ~/.ssh/start-ssh-agent`
  15. SETUP
  16. Generate an ssh key,
  17. optionally providing a file name ending in _rsa with -f
  18. and your identity with -C
  19. $ ssh-keygen -t rsa -b 4096 -C [email protected] -f ~/.ssh/id_rsa
  20. If you provide a name, end it with `_rsa` to help the below script find it.
  21. If you use a passphrase, it must be used every time you use the ssh Key to connect.
  22. Make sure that the files are in the KEY_FOLDER defined in the below script.
  23. Two files are produced:
  24. The *_rsa file is used to authenticate from your machine.
  25. Share the *_rsa.pub file with your git provider as a public key.
  26. After you have created a key for each account, setup your ssh config file.
  27. Replace the IdentityFile path with the _rsa file you generated.
  28. ---------| ~/.ssh/config | ---------
  29. Host my-host-alias
  30. HostName github.com
  31. User git
  32. IdentityFile ~/.ssh/id_rsa
  33. IdentitiesOnly yes
  34. ------------------------------------
  35. We can configure git to use this alias, allowing us to use the given IdentityFile
  36. automatically.
  37. Setting IdentitiesOnly forces the agent to only use the given IdentityFile
  38. rather than try every possible ssh key in the KEY_FOLDER.
  39. Open a bash terminal in the local project.
  40. Check your current git origin
  41. $ git remote -v
  42. Automatically replace the current remote url with your alias.
  43. $ git remote set-url origin my-host-alias:$(git remote -v | grep -m 1 -oE [a-z]+\/[a-z-]+.git)
  44. Test that keys were added by listing active keys
  45. $ ssh-add -l
  46. END DOCUMENTATION'
  47. SSH_ENV=~/.ssh/agent.environment
  48. KEY_FOLDER=~/.ssh
  49. KEY_PREFFIX=id_rsa
  50. # export the SSH_AUTH_SOCK and SSH_AGENT_PID variables
  51. # making the running ssh agent available to child processes
  52. function run_ssh_env {
  53. . "${SSH_ENV}" > /dev/null
  54. }
  55. # start the ssh-agent and add keys
  56. function start_ssh_agent {
  57. echo "Initializing new SSH agent..."
  58. # spawn ssh-agent and store agent config
  59. ssh-agent | sed 's/^echo/#echo/' > "${SSH_ENV}"
  60. chmod 600 "${SSH_ENV}"
  61. run_ssh_env
  62. ssh-add $KEY_FOLDER/$KEY_PREFFIX* || \
  63. echo "Incorrect passphrase, skipping key..."
  64. echo "Agent started"
  65. }
  66. if [ -f "${SSH_ENV}" ]
  67. then
  68. run_ssh_env # look for the last running agent
  69. ps -ef | grep ${SSH_AGENT_PID} | grep ssh-agent$ > /dev/null || {
  70. start_ssh_agent # if the last agent is no longer running,
  71. } # start another one
  72. else
  73. start_ssh_agent
  74. fi
  75. # verify that your keys were successfuly added
  76. ssh-add -l || \
  77. echo -e "No keys configured from $KEY_FOLDER/$KEY_PREFFIX*" \
  78. "\nSSH authentication may fail!"
  79. # remove variables so they don't interfere with normal shell usage
  80. unset SSH_ENV
  81. unset KEY_FOLDER
  82. unset KEY_PREFFIX
  83. unset run_ssh_env
  84. unset start_ssh_agent
展开查看全部
dohp0rv5

dohp0rv53#

让我们举一个例子,你有两个gitlab仓库,一个用于个人帐户,一个用于工作,两个都有不同的帐户用户。

  1. @my-personal -> Personal Account gitlab
  2. @my-work -> Work Account gitlab

第一步:

为每个帐户生成ssh密钥:为您的密钥给予

  1. ssh-keygen -t rsa -b 4096 -f ~/.ssh/my-personal
  2. ssh-keygen -t rsa -b 4096 -f ~/.ssh/my-work

第二步

  1. cd ./ssh

更新配置文件

  1. # Personal SSH key for GitLab
  2. Host gitlab-personal
  3. HostName gitlab.com
  4. User git
  5. IdentityFile ~/.ssh/my-personal
  6. # Nthexam SSH key for GitLab
  7. Host gitlab-work
  8. HostName gitlab.com
  9. User git
  10. IdentityFile ~/.ssh/my-work

第三步

将这些密钥上传到gitlab中的相应帐户设置中

  1. User -> Profile -> SSH keys
  2. https://gitlab.com/-/profile/keys

一旦你上传了公钥,你就可以测试

第四步

测试端子中的连接

  1. ssh -T git@gitlab-personal
  2. -> output Welcome to GitLab, @my-personal
  3. ssh -T git@gitlab-work
  4. -> output Welcome to GitLab, @my-work

第5步克隆需要给予主机名别名

  1. git clone git@gitlab-personal:{ssh_url}
  2. git clone git@gitlab-work:{ssh_url}

如果gitlab clone ssh url是个人账号

  1. [email protected]:my-development/backend/mydev.git

那就改成

  1. git@gitlab-personal:my-development/backend/mydev.git

步骤6

您可以按照@demetere._的建议设置远程源,这样就不必每次都键入主机名
如果你创建了一个新的仓库,或者克隆了一个已经存在的仓库,你也可以给予一个主机名。
您可以将新的远程源测试为

  1. git remote --verbose
  2. origin [email protected]:my-development/backend/mydev.git (fetch)
  3. origin [email protected]:my-development/backend/mydev.git (push)
展开查看全部

相关问题