我已经构建了一个PHP脚本,可以在特定文件夹上执行git fetch:
确切的命令是:
usr/bin/git --git-dir=/home/bathan/www/sync_test/repo3//.git --work-tree=/home/bathan/www/sync_test/repo3/ fetch
当然,如果我在命令行上运行它,它可以很好地工作。
现在,当我使用shell_exec运行时,我收到以下错误:
Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-with-mic,password). fatal: The remote end hung up unexpectedly
查看服务器尝试连接的确切错误是:
Apr 8 10:52:17 myserver sshd [26230]: 来自git的密码失败 192.15.136.253端口32878 ssh2
所以,好的。我猜这个shell_exec无法读取我设置的〜/ .ssh / id_rsa键。所以我给了该文件777的权限,我收到了这个错误。
@@@@@ @警告:UNPROTECTED PRIVATE 关键文件! @ @@@ 权限0777 '/home/bathan/.ssh/id_rsa'也是 打开。建议你的 私钥文件不可访问 由他人。这个私钥将是 忽略。错误权限:忽略键: /home/bathan/.ssh/id_rsa许可 否认,请再试一次。允许 否认,请再试一次。允许 否认 (公钥,GSSAPI与 - 麦克风,密码)。 致命的:远程端挂了 出乎意料
所以我猜git能够读取密钥文件。如果我把它恢复到正确的权限,我会再次回到第一个错误。
注意:我的apache服务器设置为使用我的同一个用户(bathan)运行,这是一个ubuntu框。
这是ssh -v Response
OpenSSH_5.5p1 Debian-4ubuntu5, OpenSSL 0.9.8o 01 Jun 2010
Pseudo-terminal will not be allocated because stdin is not a terminal.
debug1: Reading configuration data /home/bathan/.ssh/config
debug1: Applying options for gitserver
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to git.myserver.com [77.171.171.229] port 22.
debug1: Connection established.
debug1: identity file /home/bathan/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-1023
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-1023
debug1: identity file /home/bathan/.ssh/id_rsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu5
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'git.myserver.com' is known and matches the RSA host key.
debug1: Found key in /home/bathan/.ssh/known_hosts:4
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1000' not found
..
..
任何想法?
答案 0 :(得分:2)
您确定PHP脚本是使用您使用?{/ p>设置~/.ssh/id_rsa
的同一用户执行的
E.g。在许多环境中,Web服务器(例如Apache)由www-data
运行。我只是猜测www-data
不是$HOME/.ssh/
id_rsa
所在的用户。
尝试在.ssh/config
:
Host gitserver
Hostname fqdn.example.org
IdentityFile /home/THE-USER/.ssh/id_rsa
如果这没有帮助,请调试如下:
来自PHP:
<?php
shell_exec("ssh -v gitserver");
查看在这种情况下使用哪些键来了解它为什么不起作用。
答案 1 :(得分:0)
我发现了问题。
rsa_id使用了一个释义,并且显然没有被脚本输入。
我用ssh-keygen -p删除了这个释义,它就像一个魅力。
感谢大家的帮助!!