github官方操作文档:Generating a new SSH key and adding it to the ssh-agent - GitHub Docs
操作流程如下
1.生成一个新的ssh文件([email protected] 替换为自己的邮箱)
ssh-keygen -t ed25519 -C "[email protected]"
# 如果系统不支持 Ed25519 算法,可以使用下面方法创建
# ssh-keygen -t rsa -b 4096 -C "[email protected]"
# 如果需要给秘钥设置密码,也可以在这两步的时候,设置密码
> Enter passphrase (empty for no passphrase): [Type a passphrase]
> Enter same passphrase again: [Type passphrase again]
2.添加公钥到github
复制公钥内容到剪贴板
打开浏览器,登录github.com ,右上角,点击settings
找到 SSH and GPG keys ,点击进入
点击添加
测试权限是否正常,能否通过ssh访问git
ssh -T [email protected]
b.访问失败如下:
访问失败,需要检查公钥文件是否添加到github
其他机器通过指定秘钥文件访问【方式一】
1.创建目录,并拷贝秘钥文件该目录下,并修改为0600权限
mkdir -pv ~/.ssh_git
# 将私钥文件拷贝到该目录,并修改权限
chmod 0600 -R ~/.ssh_git
2.启动ssh-agent代理,并添加私钥,然后进行测试
eval "$(ssh-agent -s)"
ssh-add ~/.ssh_git/id_ed25519
ssh -T [email protected]
当ssh-agent进程结束时,将失去访问权限,若想继续访问,还需要重新执行操作
重新添加私有执行
其他机器通过指定秘钥文件访问【方式二】
通过 .gitconfig 配置文件进行配置,该配置针对git命令
core.sshCommand
If this variable is set, git fetch
and git push
will use the specified command instead of ssh
when they need to connect to a remote system. The command is in the same form as the GIT_SSH_COMMAND
environment variable and is overridden when the environment variable is set.
git config --global core.sshCommand 'ssh -i ~/.ssh_git/id_ed25519 -p 22'
该操作会在用户家目录自动生成.gitconfig配置文件,内容如下
测试,需要指定克隆私有仓库进行测试,下图表示测试成功
其他机器通过指定秘钥文件访问【方式三】
通过 GIT_SSH_COMMAND 环境变量实现访问
$GIT_SSH_COMMAND
takes precedence over $GIT_SSH
, and is interpreted by the shell, which allows additional arguments to be included. $GIT_SSH
on the other hand must be just the path to a program (which can be a wrapper shell script, if additional arguments are needed).
export GIT_SSH_COMMAND="ssh -i ~/.ssh_git/id_ed25519 -p 22"
注意:GIT_SSH_COMMAND 的优先权大于 GIT_SSH
通过 GIT_SSH 环境变量实现访问
官方文档:Git - git Documentation
GIT_SSH, if specified, is a program that is invoked instead of ssh when Git tries to connect to an SSH host. It is invoked like $GIT_SSH [username@]host [-p
大概意思指定了 GIT_SSH ,则当git通过ssh连接主机是,调用GIT_SSH设置的脚本来替换默认的ssh命令
1.创建一个文件,内容如下 ~/.ssh_git/ssh-git.sh
vim ~/.ssh_git/ssh-git.sh
#!/bin/bash
if [ -z "$PKEY" ]; then
# if PKEY is not specified, run ssh using default keyfile
ssh "$@"
else
ssh -i "$PKEY" -p 22 "$@"
fi
2.添加可执行权限
chmod a+x ~/.ssh_git/ssh-git.sh
3.通过添加私有方式进行访问
export GIT_SSH=~/.ssh_git/ssh-git.sh
PKEY=~/.ssh_git/id_ed25519 git clone [email protected]:nineaiyu/scorems.git
4.整理上面操作步骤,可总结一个脚本git.sh,内容如下:
#!/bin/bash
#
if [ $# -eq 0 ]; then
echo "git.sh -i ssh-key-file git-command"
exit 1
fi
git_ssh_tmp=~/.git_ssh.tmp
trap "rm -f ${git_ssh_tmp}" 0
if [ "$1" = "-i" ]; then
SSH_KEY=$2
shift
shift
echo "ssh -i $SSH_KEY -p 22 \$@" > ${git_ssh_tmp}
chmod +x ${git_ssh_tmp}
export GIT_SSH=${git_ssh_tmp}
fi
[ "$1" = "git" ] && shift
git "$@"
执行操作如下:
chmod a+x git.sh
./git.sh -i ~/.ssh_git/id_ed25519 clone [email protected]:nineaiyu/scorems.git