工作过程中,经常会使用到多个git仓库,每个git仓库对应一个账号,可以理解为每个git仓库对应一个ssh key,因此我们需要管理多个ssh key。
一、快速创建ssh key
1. 创建SSH keys:
mkdir -p ~/.ssh
ssh-keygen -t rsa -C "your_email@example.com" -f .ssh/id_rsa_xxx
2. 添加存在的SSH keys:
第一步,启动ssh-agent环境:
Git Bash:
# start the ssh-agent in the background
eval "$(ssh-agent -s)"
Agent pid 59566
其它终端:
# start the ssh-agent in the background
eval $(ssh-agent -s)
Agent pid 59566
第二步:
#id_rsa指你存在的private ssh key,如名为"id_rsa_git"
ssh-add ~/.ssh/id_rsa
3. 测试ssh配置
借助github测试,需先把ssh publish key添加到github账号:https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account/
#建议开启v,输出详细信息。i代表你的私钥路径。
ssh -i ~/.ssh/id_rsa_git -vT git@github.com
结果如下:
#省略debug输出
Hi your_email@example.com! You've successfully authenticated, but GitHub does not provide shel
l access.
如有疑问,可参见github手册:https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/#adding-your-ssh-key-to-the-ssh-agent
注意 : ssh-add 这个命令不是用来永久性的记住你所使用的私钥的。实际上,它的作用只是把你指定的私钥添加到 ssh-agent 所管理的一个 session 当中。
而 ssh-agent 是一个用于存储私钥的临时性的 session 服务,也就是说当你重启之后,ssh-agent 服务也就重置了。
二、多个ssh keys解决方案
1. 在~/.ssh目录创建config,配置config管理多个ssh keys。
touch ~/.ssh/config
内容如下:
#github网站使用User=git
Host github
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_git
#code.csdn网站
Host code.csdn.net
HostName code.csdn.net
User csdn
IdentityFile ~/.ssh/id_rsa_csdn
2. windows配置ssh-agent随GIT BASH启动
由于priavte key不是默认名字id_rsa,因此每次打开git bash需要重复执行ssh-agent,ssh-add,然后再进行ssh操作,比较麻烦,因此我们通过脚本实现自动化。
参见:https://help.github.com/articles/working-with-ssh-key-passphrases/#auto-launching-ssh-agent-on-msysgit
在~目录创建.profile:
touch ~/.profile
# 复制下面脚本到~/.profile
# Note: ~/.ssh/environment should not be used, as it
# already has a different purpose in SSH.
env=~/.ssh/agent.env
# Note: Don't bother checking SSH_AGENT_PID. It's not used
# by SSH itself, and it might even be incorrect
# (for example, when using agent-forwarding over SSH).
agent_is_running() {
if [ "$SSH_AUTH_SOCK" ]; then
# ssh-add returns:
# 0 = agent running, has keys
# 1 = agent running, no keys
# 2 = agent not running
ssh-add -l >/dev/null 2>&1 || [ $? -eq 1 ]
else
false
fi
}
agent_has_keys() {
ssh-add -l >/dev/null 2>&1
}
agent_load_env() {
. "$env" >/dev/null
}
agent_start() {
(umask 077; ssh-agent >"$env")
. "$env" >/dev/null
}
if ! agent_is_running; then
agent_load_env
fi
# if your keys are not stored in ~/.ssh/id_rsa or ~/.ssh/id_dsa, you'll need
# to paste the proper path after ssh-add
if ! agent_is_running; then
ssh-add
agent_start
#指定你的多个keys,每个一行。如:ssh-add ~/.ssh/id_rsa_git
elif ! agent_has_keys; then
ssh-add
#指定你的多个keys,每个一行。如:ssh-add ~/.ssh/id_rsa_git
fi
unset env
重新打开GIT BASH,看到如下信息:
bash: /c/Users/xxx/.ssh/agent.env: No such file or directory
Identity added: /c/Users/xxx/.ssh/id_rsa_git (/c/Users/xxx/.ssh/id_rsa_git)
Identity added: /c/Users/xxx/.ssh/id_rsa_csdn (/c/Users/xxx/.ssh/id_rsa_git)
查看进程"ssh-agent"已运行后,打开GIT BASH:
ssh -vT git@gitlab.alibaba-inc.com
看到类似结果(有裁剪):
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/xxx/.ssh/id_rsa_git
Hi xxx! You've successfully authenticated, but GitHub does not provide shell access.
至此,Windows环境Git管理多个SSH KEYS完成,Linux/MAC等*unix类似。
三、TortoiseGit/SourceTree配置
TortoiseGit是常见的GIT GUI工具,它使用ppk。
1. 打开
TortoiseGit/
PuTTYgen,并加载之前生成好的ssh private key(如~/.ssh/id_rsa_git)。
2. 点击"save private key"保存为ppk文件。
3. 打开
TortoiseGit/
Pageant,点击"Add key"添加上面生成的ppk文件。
可以使用TortoiseGit代替GIT BASH操作github、gitlab等东东了。
SourceTree与TortoiseGit操作方案类似,不同的是操作页面不一样。
四、其他ssh key注意事项
~/.ssh目录在*unix权限为700:chmod 700 ~/.ssh,在windows不需要。
对于指定私钥,设置密码:
ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
