当前位置: 文江博客话题详情

如何避免在Windows上使用Git Bash时每次都需要输入解密私钥的密码?

发布于 2024-11-02 13:57:47 字数 108 浏览 0 评论 0原文

我有一个自动构建服务,可以从 git 私人存储库下载。 问题是,当它尝试克隆存储库时,它需要提供密码,因为它不被记住;因此,由于没有人为交互,它会永远等待密码。 我如何强制它记住 id_rsa.pub?

原文

I've an automatic building service which download from a git private repository.
The problem is that when it tries to clone repository it need to provide the password, because it is not remembered; so because there is no human interaction, it waits forever the password.
How can I force it to remember from id_rsa.pub?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(7

我乃一代侩神 2024-11-09 13:57:47

对于 Windows 用户,请注意,这就是我设置 Git Bash 环境的方式,以便在启动时登录一次。我编辑我的 ~/.bashrc 文件:

eval `ssh-agent`
ssh-add

因此,当我启动 Git Bash 时,它看起来像:

Welcome to Git (version 1.7.8-preview20111206)
(etc)
Agent pid 3376
Enter passphrase for /c/Users/starmonkey/.ssh/id_dsa:
Identity added: /c/Users/starmonkey/.ssh/id_dsa (/c/Users/starmonkey/.ssh/id_dsa)

现在我可以 ssh 到其他服务器,而无需每次都登录。

For Windows users, just a note that this is how I set up the Git Bash environment to log me in once when I start it up. I edit my ~/.bashrc file:

eval `ssh-agent`
ssh-add

So when I start Git Bash, it looks like:

Welcome to Git (version 1.7.8-preview20111206)
(etc)
Agent pid 3376
Enter passphrase for /c/Users/starmonkey/.ssh/id_dsa:
Identity added: /c/Users/starmonkey/.ssh/id_dsa (/c/Users/starmonkey/.ssh/id_dsa)

And now I can ssh to other servers without logging in every time.

回复 原文
轮廓§ 2024-11-09 13:57:47

这个答案解释了如何永久存储 GitHub 用户名和密码,而不是 SSH 密钥密码。

在 Windows 中,只需运行

$ git config --global credential.helper wincred

这意味着下次推送时,您将输入您的用户名和 密码像往常一样输入密码,但它们将保存在 Windows 凭据中。之后您无需再次输入它们。

推送到 GitHub无需每次都输入用户名和密码(Windows 上的 Git Bash)

This answer explains how to get the GitHub username and password to be stored permanently, not the SSH key passphrase.

In Windows, just run

$ git config --global credential.helper wincred

This means that the next time you push, you'll enter your username and password as usual, but they'll be saved in Windows credentials. You won't have to enter them again, after that.

As in, Push to GitHub without entering username and password every time (Git Bash on Windows).

回复 原文
稚然 2024-11-09 13:57:47

我不想在打开新终端时输入 SSH 密码;不幸的是starmonkey 的解决方案要求每次会话都输入密码。相反,我在我的 .bash_profile 文件中包含此内容:

# Note: ~/.ssh/environment should not be used, as it
#       already has a different purpose in SSH.

env=~/.ssh/agent.env

# Note: Don't bother checking SSH_AGENT_PID. It's not used
#       by SSH itself, and it might even be incorrect
#       (for example, when using agent-forwarding over SSH).

agent_is_running() {
    if [ "$SSH_AUTH_SOCK" ]; then
        # ssh-add returns:
        #   0 = agent running, has keys
        #   1 = agent running, no keys
        #   2 = agent not running
        ssh-add -l >/dev/null 2>&1 || [ $? -eq 1 ]
    else
        false
    fi
}

agent_has_keys() {
    ssh-add -l >/dev/null 2>&1
}

agent_load_env() {
    . "$env" >/dev/null
}

agent_start() {
    (umask 077; ssh-agent >"$env")
    . "$env" >/dev/null
}

if ! agent_is_running; then
    agent_load_env
fi

# If your keys are not stored in ~/.ssh/id_rsa or ~/.ssh/id_dsa, you'll need
# to paste the proper path after ssh-add
if ! agent_is_running; then
    agent_start
    ssh-add
elif ! agent_has_keys; then
    ssh-add
fi

unset env

这也会记住我的新终端会话的密码;当我启动后打开第一个终端时,我只需输入一次。

我想感谢我从哪里得到这个;这是对别人作品的修改,但我不记得它来自哪里。感谢匿名作者!

2019-07-01更新:我认为这一切都是不必要的。现在,我通过确保我的 .bash_profile 文件运行 ssh-agent 来始终保持此功能:

eval $(ssh-agent)

然后我设置了一个 ssh 配置文件,如下所示:

touch ~/.ssh/config
chmod 600 ~/.ssh/config
echo 'AddKeysToAgent yes' >> ~/.ssh/config

I prefer not to have to type my SSH passphrase when opening new terminals; unfortunately starmonkey's solution requires the password to be typed in for every session. Instead, I have this in my .bash_profile file:

# Note: ~/.ssh/environment should not be used, as it
#       already has a different purpose in SSH.

env=~/.ssh/agent.env

# Note: Don't bother checking SSH_AGENT_PID. It's not used
#       by SSH itself, and it might even be incorrect
#       (for example, when using agent-forwarding over SSH).

agent_is_running() {
    if [ "$SSH_AUTH_SOCK" ]; then
        # ssh-add returns:
        #   0 = agent running, has keys
        #   1 = agent running, no keys
        #   2 = agent not running
        ssh-add -l >/dev/null 2>&1 || [ $? -eq 1 ]
    else
        false
    fi
}

agent_has_keys() {
    ssh-add -l >/dev/null 2>&1
}

agent_load_env() {
    . "$env" >/dev/null
}

agent_start() {
    (umask 077; ssh-agent >"$env")
    . "$env" >/dev/null
}

if ! agent_is_running; then
    agent_load_env
fi

# If your keys are not stored in ~/.ssh/id_rsa or ~/.ssh/id_dsa, you'll need
# to paste the proper path after ssh-add
if ! agent_is_running; then
    agent_start
    ssh-add
elif ! agent_has_keys; then
    ssh-add
fi

unset env

This will remember my passphrase for new terminal sessions as well; I only have to type it in once when I open my first terminal after booting.

I'd like to credit where I got this; it's a modification of somebody else's work, but I can't remember where it came from. Thanks anonymous author!

Update 2019-07-01: I don't think all this is necessary. I now consistently have this working by ensuring my .bash_profile file runs the ssh-agent:

eval $(ssh-agent)

Then I set up an ssh configuration file like this:

touch ~/.ssh/config
chmod 600 ~/.ssh/config
echo 'AddKeysToAgent yes' >> ~/.ssh/config
回复 原文
笑,眼淚并存 2024-11-09 13:57:47

如果我正确理解这个问题,您已经在构建服务中使用了授权的 SSH 密钥,但您想避免为每个克隆键入密码?

我可以想到两种方法来执行此操作:

  1. 如果您的构建服务是以交互方式启动的:在启动构建服务之前,以足够长的超时启动 ssh-agent (- t 选项)。然后在启动构建服务之前使用 ssh-add (msysGit 应该有这些)添加您需要的所有私钥。您仍然需要输入所有密码,但每次服务启动只需输入一次。

  2. 如果您想完全避免输入密码,您可以随时从 SSH 密钥中删除密码,如 https://serverfault.com/questions/50775/how-do-i-change-my-private-key-passphrase< /em>,通过设置一个空的新密码。这应该完全消除密码提示,但它比以前的选项更不安全。

If I understand the question correctly, you're already using an authorized SSH key in the build service, but you want to avoid having to type the passphrase for every clone?

I can think of two ways of doing this:

  1. If your build service is being started interactively: Before you start the build service, start ssh-agent with a sufficiently long timeout (-t option). Then use ssh-add (msysGit should have those) to add all the private keys you need before you start your build service. You'd still have to type out all the passphrases, but only once per service launch.

  2. If you want to avoid having to type the passphrases out at all, you can always remove the passphrases from the SSH keys, as described in https://serverfault.com/questions/50775/how-do-i-change-my-private-key-passphrase, by setting an empty new passphrase. This should do away with the password prompt entirely, but it is even less secure than the previous option.

回复 原文
眼泪都笑了 2024-11-09 13:57:47

当我尝试推送我的代码时,出现以下错误:

$ git push origin dev

remote: Too many invalid password attempts. Try logging in through the website with your password.
fatal: unable to access 'https://[email protected]/xxxx/xxxx-api.git/': The requested URL returned error: 403

经过几个小时的研究,我发现我需要使用以下命令:

$ git config --global credential.helper cache

执行上述命令后,我收到输入 GitHub 用户名和密码的提示。提供正确的凭据后,我就可以推送我的代码。

When I tried to push my code, I got the below error:

$ git push origin dev

remote: Too many invalid password attempts. Try logging in through the website with your password.
fatal: unable to access 'https://[email protected]/xxxx/xxxx-api.git/': The requested URL returned error: 403

After a few hours of research, I found I need to use the below command:

$ git config --global credential.helper cache

After executing the above command, I got the prompt for entering my GitHub username and password. After providing the correct credentials, I am able to push my code.

回复 原文
如日中天 2024-11-09 13:57:47

正确的解决方案是:

  1. 运行 Windows 默认终端 - cmd 并获取主配置文件的目录

    echo %USERPROFILE%

  2. 在上面的目录中运行 Git Bash 并使用以下命令创建 .bashrc 文件< /p>

    回显“”> .bashrc

  3. 使用您喜欢的文本打开 .bashrc 文件编辑器并粘贴来自 GitHub 帮助的代码进入该文件:

    env=~/.ssh/agent.env
...
从 URL 复制整个代码 - 我无法将其添加到 Stack Overflow,因为它破坏了布局...天哪!

  4. 重新启动 Git Bash,它会要求您输入密码(仅限第一次)并完成。不再需要密码麻烦。

The right solution is:

  1. Run the Windows default terminal - cmd and get the directory of your master profile

    echo %USERPROFILE%

  2. Run Git Bash in the directory above and create the .bashrc file with the command

    echo "" > .bashrc

  3. Open the .bashrc file with your favourite text editor and paste code from GitHub Help into that file:

    env=~/.ssh/agent.env
...
COPY WHOLE CODE FROM URL - I can't add it to Stack Overflow because it breaks layout... OMG!

  4. Restart Git Bash and it asks you for your password (only first time) and done. No password bothering again.

回复 原文
泅人 2024-11-09 13:57:47

您需要在要连接到存储库服务器的用户的 .ssh 文件夹下创建 authorized_keys 文件。例如,假设您在 repo.server 上使用用户名 buildservice,您可以运行:

cd ~buidservice
mkdir ./ssh
cat id_rsa.pub >> .ssh/authorized_keys

然后您必须检查以下内容:

  1. 对应的 id_rsa 私钥位于 [email protected]:~/.shh/id_rsa

  2. repo.server 的指纹存储在[电子邮件受保护]:~/.ssh/known_hosts 文件。通常,这将在第一次尝试 ssh 连接到 repo.server 后完成。

You need to create the authorized_keys file under the .ssh folder of the user under which you are going to connect to the repository server. For example, assuming you use username buildservice on repo.server you can run:

cd ~buidservice
mkdir ./ssh
cat id_rsa.pub >> .ssh/authorized_keys

Then you have to check the following things:

  1. That corresponding id_rsa private key is presented in [email protected]:~/.shh/id_rsa.

  2. That fingerprint of repo.server is stored in the [email protected]:~/.ssh/known_hosts file. Typically that will be done after the first attempt of ssh to connect to the repo.server.

回复 原文
~没有更多了~

关于作者

泪痕残

暂无简介

0 文章
0 评论
22 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lorenzathorton8

文章 0 评论 0

Zero

文章 0 评论 0

萧瑟寒风

文章 0 评论 0

mylayout

文章 0 评论 0

tkewei

文章 0 评论 0

17818769742

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文