Issues with a post-update hook that sshes to a remote live server and pulls the master branch

Posted on 2024-11-16 05:22:34

I have a situation where for size limitations, I can't host the bare repository on the same server as a particular website. So I've set up a bare repository on server A which I want to push the master branch to when happy that the update is good.
In the hooks/post-update it should ssh to the live server and pull the master branch.

I've generated a public ssh key on the live server, authorized it and copied the public key into /var/www/.ssh/authorized_keys file on the bare repo server. Basically done everything on this site here

But it's failing when attempting to authenticate to the live server.

The post-update looks like this:

ssh [email protected]

cd cd/path/to/site/.git || exit
git pull bare master
exit

I get this message

$ git push server master
[email protected]'s password:
Counting objects: 5, done.
Delta compression using up to 3 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 279 bytes, done.
Total 3 (delta 2), reused 0 (delta 0)
remote:
remote: *** Pulling changes into Live [Live's post-update hook] ***
remote:
remote: Permission denied, please try again.
remote: Permission denied, please try again.
remote: Permission denied (publickey,gssapi-with-mic,password).
remote: fatal: The remote end hung up unexpectedly
To ssh://[email protected]/var/git/websiteToUpdate.git
   b251909..883d129  master -> master


Comments (1)

溺渁∝ 2024-11-23 05:22:34

You seem to run git pull on live, which means the live will ssh back into www.ServerAAddress.com. So there are 2 sshs that need to use a passphrase-less public key for authentication and one of them is not correctly authorized:

  1. ssh from "A" ("bare") to "live" needs private key (.ssh/id*) stored on "A" and public key (in .ssh/authorized_keys) on "live".
  2. ssh from "live" back to "A" (inside the git pull) needs private key stored on "live" and public key on "A". The keys should be different.

The locations on the servers are probably different. The files on "A" need to be in userForBare's home, while files on "live" need to be in home of www user.

Look in the logs (ssh usually logs into /var/log/auth or /var/log/security) and check that it's actually finding the public keys it's supposed to and that it's willing to read it:

  • Many setups will not have /var/www as $HOME of the www user, so you may need to place the .ssh/authorized_keys elsewhere.
  • ssh refuses to read anything in $HOME/.ssh/ if the file or any directory up to root is writable by anybody except that user or root, so if e.g. /var/www is group-writable, ssh will reject /var/www/.ssh/authorized_keys as possibly compromised.
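
The ownership and write-permission check from the last bullet above, as an added example that is not part of the original answer: a POSIX shell function that walks from an authorized_keys file up to a top directory and reports every component that is group- or world-writable or owned by someone other than the given user or root. The name audit_ssh_path and its arguments are made up for this example; the top directory is assumed to be the account's real home.

```shell
#!/bin/sh
# Added example (not from the original answer).
# audit_ssh_path FILE USER TOP
#   FILE  absolute path to an authorized_keys file
#   USER  account name or numeric uid that should own it (root also passes)
#   TOP   directory where the upward walk stops (assumption: USER's home)
# Prints one "BAD ..." line per offending path component.
# Returns 0 if the whole chain is clean, 1 if not, 2 on an unknown user.
audit_ssh_path() {
    file=$1 user=$2 top=${3%/}
    case $user in
        ''|*[!0-9]*) uid=$(id -u "$user") || return 2 ;;
        *) uid=$user ;;
    esac
    [ -e "$file" ] || { echo "MISSING $file"; return 1; }
    rc=0
    p=$file
    while :; do
        # ls -ldn prints the mode string first and the numeric owner third
        mode=$(ls -ldn -- "$p" | awk '{print $1}')
        owner=$(ls -ldn -- "$p" | awk '{print $3}')
        # character 6 of the mode string is group-write, 9 is other-write
        gw=$(printf '%s' "$mode" | cut -c6)
        ow=$(printf '%s' "$mode" | cut -c9)
        if [ "$owner" != "$uid" ] && [ "$owner" != 0 ]; then
            echo "BAD owner uid=$owner $p"; rc=1
        fi
        if [ "$gw" = w ] || [ "$ow" = w ]; then
            echo "BAD mode $mode $p"; rc=1
        fi
        if [ "$p" = "$top" ] || [ "$p" = / ] || [ "$p" = . ]; then
            break
        fi
        p=$(dirname -- "$p")
    done
    return "$rc"
}

# Example call with the path from the question, run on the server that holds the file:
# audit_ssh_path /var/www/.ssh/authorized_keys www /var/www
```

Run it on both servers, once per account that receives a key; any BAD line names the path to fix with chown or chmod before looking further into the key pair itself.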