产生一个SSH密钥对
介绍
Repository Hosting使用公钥密码体制来认证所有通过SSH对Git和Mercurial进行的私密访问。为了访问某个私有存储库或向某个公有存储库提交,您需要产生一个SSH密钥对并将密钥对的公钥提交给Repository Hosting。
注: 如果您拥有多个Repository Hosting账户,则需要为每个账户产生一个新密钥对。
产生密钥对
Mac OS
$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/Users/username/.ssh/id_rsa): <use default or enter new location> Enter passphrase (empty for no passphrase): <password> Enter same passphrase again: <confirmation> Your identification has been saved in /Users/username/.ssh/id_rsa. Your public key has been saved in /Users/username/.ssh/id_rsa.pub. The key fingerprint is: ab:f9:23:a6:f0:db:ce:64:59:dd:98:b9:be:7c:57:6f username@hostname.local $ cat ~/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqkDkMnQwAer3irnip5U1HzJmfahJ06474mhb4Z4eobhXQ I7qDu1pbt7H2SSSswa6HwX7Uicelh1u6PkQaSZJ/QOaUWSFkyM2hw+B3oOfqVVnst9vdZPpTLfyWuxqG2 YAnHyYEb2w58VSVbk4L89s3V21keMZI3+PD83+K2LvqsgxfO4UHds7SRk5kLCTQGHljr2POG8TQ3Xfec7 xvXy6jTB0gipM0/dUV0uxdGCEU5WNPSLIjhnHl6BF8Q84Dzc9FroGHNzhDG2POMco6HhKx2zgjm4K5rFu jR1nV45unWc/RLE0Zeom+Znfw1s5jETAo6/NZKVLrNGP1LryWy8wyQ== username@hostname.local $ cat ~/.ssh/id_rsa.pub | pbcopy # copy to clipboard |
Linux
$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): <use default or enter new location> Enter passphrase (empty for no passphrase): <password> Enter same passphrase again: <confirmation> Your identification has been saved in /home/username/.ssh/id_rsa. Your public key has been saved in /home/username/.ssh/id_rsa.pub. The key fingerprint is: ab:f9:23:a6:f0:db:ce:64:59:dd:98:b9:be:7c:57:6f username@hostname $ cat ~/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqkDkMnQwAer3irnip5U1HzJmfahJ06474mhb4Z4eobhXQ I7qDu1pbt7H2SSSswa6HwX7Uicelh1u6PkQaSZJ/QOaUWSFkyM2hw+B3oOfqVVnst9vdZPpTLfyWuxqG2 YAnHyYEb2w58VSVbk4L89s3V21keMZI3+PD83+K2LvqsgxfO4UHds7SRk5kLCTQGHljr2POG8TQ3Xfec7 xvXy6jTB0gipM0/dUV0uxdGCEU5WNPSLIjhnHl6BF8Q84Dzc9FroGHNzhDG2POMco6HhKx2zgjm4K5rFu jR1nV45unWc/RLE0Zeom+Znfw1s5jETAo6/NZKVLrNGP1LryWy8wyQ== username@hostname.local |
Windows
历史上,Git在Windows上表现不是很好。不过,随着时间的推移,这种情况正在改善。如果您在使用Git for Windows,您可以使用配套的ssh-keygen工具来产生密钥对。另外,您也可以用PuTTYgen来产生密钥对。
Check out our FAQ for more information on accessing repositories via SSH on Windows.
公钥关联
您密钥的公共部分必须提供给Repository Hosting,以便我们的服务器能够知道您的密钥是与您的账户相关联的。在登入您账户的web界面后,点击右上角的"我的简介"链接,或账户信息中心上用户旁边的揝"Setting"链接。"选择标签"公钥"并在用于添加公钥的表格中粘帖公钥文件(连同扩展名".pub")的整个内容。
修改ssh_config
SSH将需要知道怎样定位您的密钥对。如果您使用默认密钥名称之一,如"~/.ssh/id_rsa",SSH能自动找到它。如果不是,您可以在ssh_config文件中指定密钥对。下面就是一个配置文件的例子。另一个方法是通过执行命令"ssh-add /path/to/my_key"向SSH注册您的密钥对。
由于您的每个Repository Hosting账户需要一个唯一的SSH密钥,您需要一个在客户端上变换密钥的机制。最简单的方法是修改文件ssh_config(在Ubuntu上,位于"/etc/ssh/ssh_config")。参照下面例子中的设置:
# # personal account # Host personal.repositoryhosting.com Hostname personal.repositoryhosting.com IdentitiesOnly yes IdentityFile ~/.ssh/personal_key # # corporate account # Host corporate.repositoryhosting.com Hostname corporate.repositoryhosting.com IdentitiesOnly yes IdentityFile ~/.ssh/corporate_key |
要测试您的连接,可使用以下命令:
# see what keys are registered with SSH ssh-add -l # test connecting to the Repository Hosting servers # a message that says "Welcome to Repository Hosting" means you were authenticated ssh -v git@<account-subdomain>.repositoryhosting.com ssh -v hg@<account-subdomain>.repositoryhosting.com |