我刚安装了最新版本的gitlab和docker(https://hub.docker.com/r/gitlab/gitlab-ce/)并添加了我的ssh密钥,但是当我尝试推送这个docker gitlab时它仍然要求输入密码。
桌面系统:window10,osx
服务器系统:centos 7
docker git(最新版本):docker pull gitlab / gitlab-ce
以下是ssh -vt
输出:
$ ssh -vt git@23.234.53.236
OpenSSH_7.3p1, OpenSSL 1.0.2k 26 Jan 2017
debug1: Reading configuration data /c/Users/Nathan/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 23.234.53.236 [23.234.53.236] port 22.
debug1: Connection established.
debug1: identity file /c/Users/Nathan/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/Nathan/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 23.234.53.236:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:VgBduYKrMafvYg27PfLCXZmiA0vCAnz8obliVveAX+Y
debug1: Host '23.234.53.236' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/Nathan/.ssh/known_hosts:2
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/Nathan/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /c/Users/Nathan/.ssh/id_dsa
debug1: Trying private key: /c/Users/Nathan/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/Nathan/.ssh/id_ed25519
debug1: Next authentication method: password
git@23.234.53.236's password:
答案 0 :(得分:1)
这是问题&#34; Gitlab没有将SSH密钥添加到authorized_keys,因为升级&#34; 这是解决方案:
root@int-gitlab-01:~ # gitlab-rake gitlab:shell:setup
This will rebuild an authorized_keys file.
You will lose any data stored in authorized_keys file.
Do you want to continue (yes/no)? yes
.................................................. ........................
root@int-gitlab-01:~ # su - git
Last login: Mon Jul 10 09:24:30 AEST 2017 on pts/0
git@int-gitlab-01:~ # ls -la .ssh/authorized_keys
-rw-------. 1 git git 43286 Jul 10 13:36 .ssh/authorized_keys
答案 1 :(得分:0)
仔细检查:
/c/Users/Nathan/.ssh/id_rsa.pub
)添加到您的GitLab SSH设置帐户页面(在一行中)23.234.53.236:~/git/.ssh/authorized_keys
也包含该公钥。答案 2 :(得分:0)
我刚刚在更新的版本上遇到了相同的症状,原因不同:
最新版本成功更新authorized_keys
,您可以通过
ssh -p [port_here] git@[ip_or_host_here]
(这应该连接而不需要密码但随后立即将你踢出去,因为git用户没有shell访问权限。如果要求输入密码,你需要检查你是否在GitLab上正确安装了你的公钥用户界面以及您在本地计算机上设置了私钥)
如果该命令有效,但克隆要求输入密码,这里有一个可行的解决方案对我有用:
gitlab.example.com
,则将gitlab.example.com 127.0.0.1
添加到本地主机文件中。如果您尝试使用除22之外的任何端口进行克隆,则需要修补文件:
/etc/gitlab/gitlab.rb
(例如在vi
)搜索ssh_port
。你应该找到这样的一行:
# gitlab_rails['gitlab_shell_ssh_port'] = 22
取消注释该行并将22更改为您正在使用的端口
如果主机或端口不匹配,它将无法检查您的SSH密钥,并将回退到密码安全性。我确定还有很多其他问题可能是错的,但对我而言,这两个问题的组合似乎并未在其他地方得到解释。
您可以找到更多讨论以及其他可能的原因on this GitLab issue和this docker-gitlab issue。