我可能不正确使用给定存储库的Deploy密钥,或者我不知道github Deploy密钥已损坏。
我创建了一个私有存储库。对于该存储库,我创建了一个SSH RSA密钥(我们将其称为private_repo_key)。 private_repo_key与此存储库的Deploy密钥相关联(具有读/写权限)。我想使用能够从远程(并且可能是不安全的)服务器上推送此单个存储库的功能。
private_repo_key在我的远程服务器上。它可以正常工作,我可以从此服务器向/从我的私人仓库中推入/拉出。 private_repo_key 不在在本地主机上。
另一方面,我有一个与github帐户关联的全局ssh RSA密钥。我们称之为global_key。在创建private_repo_key之前,我可以推/拉所有存储库,而global_key没有任何问题。
由于我将private_repo_key与可证明的存储库相关联,所以我的全局访问权限似乎已损坏。
如果我尝试从本地主机(而不是私有主机)推送到我的一个存储库(比如说jreybert / vimagit),则会触发global_key。但是一旦建立连接,就好像github是否将此连接与private_repo_key关联,显然,该连接无权对此存储库执行任何操作。
如果我尝试推动,则会出现以下错误:
git push
ERROR: Permission to jreybert/vimagit denied to deploy key
fatal: Could not read from remote repository.
我的.ssh/config如下:
Host github.com
ForwardX11 no
User git
Hostname github.com
IdentityFile ~/.ssh/id_rsa_github
如果我尝试通过ssh连接到github,我会得到以下答案:
ssh -T github.com
Hi jreybert/private-repo! You've successfully authenticated, but GitHub does not provide shell access.
用冗长的语气确认,如果与我的global_key建立了连接,则授予该连接具有private_repo_key的权限:
ssh -vT github.com
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /nfs/home/jreybert/.ssh/config
debug1: /nfs/home/jreybert/.ssh/config line 70: Applying options for github.com
debug1: /nfs/home/jreybert/.ssh/config line 94: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 50: Applying options for *
debug1: Connecting to github.com [140.82.118.4] port 22.
debug1: Connection established.
debug1: identity file /nfs/home/jreybert/.ssh/id_rsa_github type 1
debug1: key_load_public: No such file or directory
debug1: identity file /nfs/home/jreybert/.ssh/id_rsa_github-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version babeld-80573d3e
debug1: no match: babeld-80573d3e
debug1: Authenticating to github.com:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: zlib@openssh.com
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: zlib@openssh.com
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /nfs/home/jreybert/.ssh/known_hosts:2
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/jerome/.ssh/id_rsa_github_private_repo
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (publickey).
Authenticated to github.com ([140.82.118.4]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Requesting authentication agent forwarding.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi jreybert/private-repo! You've successfully authenticated, but GitHub does not provide shell access.
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2824, received 2228 bytes, in 0.2 seconds
Bytes per second: sent 11693.7, received 9225.8
debug1: Exit status 1
debug1: compress outgoing: raw data 149, compressed 135, factor 0.91
debug1: compress incoming: raw data 135, compressed 149, factor 1.10
在我的本地主机上使用ssh-agent进行游戏时,我已经获得了正确的权限,但是我并不十分了解如何以及为什么。
我错过了什么?