今天和同事在弄github的时候,遇到了点小麻烦,在全球最大的中文网上一搜,果然不出所料,找不到写解决方案,于是自己在stackOverFlower上看了好几篇,总结了一下,终于找到解决方案!报错如下:
ERROR: Permission to hbxn740150254/BestoneGitHub.git denied to Chenzuohehe. fatal: Could not read from remote repository.Please make sure you have the correct access rights and the repository exists.
初看知道大概是没有权限,导致不能从远程仓库读取,后来询问才知道我同事的电脑的SSH公钥已经绑定了他自己的GitHub 账号,我就不能再用他的公钥了,具体的请看stackoverflow网友所说的:
GitHub will use the key as means to identify you when you connect to them via SSH. As such, you cannot have multiple accounts with the same key, as GitHub won’t be able to tell then which of your accounts you want to use.
上面说的话很清楚,就是你不能有多个账号添加了同一个公钥,一旦那样github就不能区分到底是哪个用户在安全登陆网站,那安全登录就起不到任何效果了,因为你能登进去,我也能登进去,那服务器到底判断是谁登了呢!但是要注意一个账号可以拥有多个公钥,这个是可以允许的!比如,在A电脑和B电脑上的公钥都绑定了同个一个账户Tom,那么两台电脑在终端上输入ssh -T git@github.com
最后都会显示
Hi Tom! You've successfully authenticated, but GitHub does not provide shell access.
服务器依然会知道这是Tom的第二台电脑在登陆,他是土豪,账号依然很安全!
场景
下面再举个例子,Tom在公司有个公司账户publicAccount,然后回到家他也有自己创建私人的账号privateAccount,但是他只有一台电脑,意味着一般情况下,他要么用公司账户绑定电脑公钥,要么用家里私人账号绑定,但是不管哪一种绑定,最后都达不到这两个账号访问同一个远程仓库,那么协同开发也就成了泡沫!因为只有一台电脑,如果Tom试图访问没有绑定公钥的账户的时候,就会报错ERROR: Permission to hbxn740150254/BestoneGitHub.git denied to Tom
解决思路
-
买台新电脑,获得新公钥,这是最土豪也是最傻的方法
-
利用自己唯一的电脑生成多公钥,公钥一多,不就可以想绑定多少个都行了吗,不怕你把它玩坏😂😂😂
解决方案
-
1、生成一个新的SSH KEY
AppledeiMac:~ Apple$ cd ~/.ssh AppledeiMac:.ssh Apple$ ls id_rsa id_rsa.pub known_hosts AppledeiMac:.ssh Apple$ ssh-keygen -t rsa -C "iMac_personnal_publicKey" Generating public/private rsa key pair. Enter file in which to save the key (/Users/Apple/.ssh/id_rsa): /Users/Apple/.ssh/id_rsa_personal Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/Apple/.ssh/id_rsa_personal. Your public key has been saved in /Users/Apple/.ssh/id_rsa_personal.pub. The key fingerprint is: SHA256:1gepuxDHwJRnFbKvc0Zq/NGrFGE9kEXS06jxatPPrSQ iMac_personnal_publicKey The key's randomart image is: +---[RSA 2048]----+ | ....=*oo | | o. ooo=+ . | | oo. =+o. | | o =.o.. | | . S =o. | | = =++. | | . B.=.Eo.. | | o B . +o .| | . o.. .. | +----[SHA256]-----+ AppledeiMac:.ssh Apple$ ls id_rsa id_rsa_personal known_hosts id_rsa.pub id_rsa_personal.pub`
-
2、打开新生成的~/.ssh/id_rsa2.pub文件,将里面的内容添加到GitHub后台。
-
3、打开~/.ssh/config文件
没有config文件则创建,终端输入touch config ,创建完以后用Vim打开或者是在Finder打开一样。
在不影响默认的github设置下我们重新添加一个Host:
建一个自己能辨识的github别名,我取的是github-personal,新建的帐号使用这个别名做克隆和更新
Host github-personal
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_personal
编辑完毕之后按下ESC,:wq,:wq是保存并退出vim编辑器
具体在终端代码如下:
cat config 是把config文件里面的内容在终端输出
AppledeiMac:.ssh Apple$ vim config
AppledeiMac:.ssh Apple$ cat config
#Default GitHub
Host github.com
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa
Host github-personal
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_personal
-
4、将GitHub SSH仓库地址中的git@github.com替换成新建的Host别名。
如原地址是 git@github.com:hbxn740150254/BestoneGitHub.git
替换后应该是:github-personal:hbxn740150254/BestoneGitHub.git
或者git@github-personal:hbxn740150254/BestoneGitHub.git
亲测都是可以的,
如果是新建的仓库,直接使用替换后的URL克隆即可。如果已经使用原地址克隆过了,可以使用命令修改:
AppledeiMac:.ssh Apple$ cd /Users/Apple/Desktop/BestoneDemo
//修改之前
Apple$ git remote -v
github git@github.com:hbxn740150254/BestoneGitHub.git (fetch)
github git@github.com:hbxn740150254/BestoneGitHub.git (push)
//修改 remote set-url
AppledeiMac:BestoneDemo Apple$ git remote set-url github github- personal:hbxn740150254/BestoneGitHub.git
//验证是否修改成功
//使用修改后的github-personal SSH连接,连接成功用户是hbxn740150254,此时公钥是id_rsa_personal
AppledeiMac:BestoneDemo Apple$ ssh -T github-personal
Hi hbxn740150254! You've successfully authenticated, but GitHub does not provide shell access.
//使用默认的git@github.com SSH去连接,连接成功用户是FaxeXian,此时公钥是id_rsa
AppledeiMac:.ssh Apple$ ssh -T git@github.com
Hi FaxeXian! You've successfully authenticated, but GitHub does not provide shell access.
//修改之后
AppledeiMac:BestoneDemo Apple$ git remote -v
github github-personal:hbxn740150254/BestoneGitHub.git (fetch)
github github-personal:hbxn740150254/BestoneGitHub.git (push)
最后我们进行正常的push,fetch 操作,都可以
//更改后的github push成功!
AppledeiMac:BestoneDemo Apple$ git push github testMerge:master
Total 0 (delta 0), reused 0 (delta 0)
To github-personal:hbxn740150254/BestoneGitHub.git
cd773e9..f622210 testMerge -> master
//github默认的节点origin我们也可以正常push操作
AppledeiMac:BestoneDemo Apple$ git push origin testMerge:testMerge
Counting objects: 460, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (240/240), done.
Writing objects: 100% (460/460), 16.69 MiB | 442.00 KiB/s, done.
Total 460 (delta 211), reused 453 (delta 205)
To git@git.coding.net:hbxn740150254/Local-Git.git
* [new branch] testMerge -> testMerge
github账户如果还是显示之前id_rsa密钥账户的话请把你的密钥加入sshAgent代理中
-
添加你的ssh密钥到ssh-agent中
# start the ssh-agent in the background eval "$(ssh-agent -s)" Agent pid 59566
-
如果你的密钥不是系统默认的RSA文件名id_rsa,比如像我一样另外创了一对公钥/密钥id_rsa_personal,那么就把他们添加进去,注意:密钥文件是不带扩展名的,公钥扩展名是.pub,代表publicKey,
apple:.ssh apple$ eval "$(ssh-agent -s)" Agent pid 19795 //添加密钥 id_rsa_personal apple:.ssh apple$ ssh-add id_rsa_personal Identity added: id_rsa_personal (github-personal) //添加默认密钥 id_rsa apple:.ssh apple$ ssh-add id_rsa //密钥有密码的话就会要你提示输入 passphrase Enter passphrase for id_rsa: //测试用密钥isa是否连接成功github apple:.ssh apple$ ssh -T git@github.com Hi hbxn740150254! You 've successfully authenticated, but GitHub does not provide shell access. //测试密钥id_rsa_personal是否连接成功github apple:.ssh apple$ ssh -T git@github-personal Hi FaxeXian! You've successfully authenticated, but GitHub does not provide shell access.
这样,一台电脑生成的两个公钥让两个用户成功连接,就可以访问别人的远程仓库,可以进行多人开发了!!