一般新手用git时,使用HTTPS都需要输入用户名和密码,这是一个很低效的开发过程。(虽然有时可以让开发人员减少push的次数)。github提供了几种连接方式,其中以https:开头的代表https连接,以git开头代表ssh连接。所以用ssh连接时要确保
你客户端的版本库url设置的ssh的url,而不是https的url。如何查看客户端的连接设置,使用下面的命令:
$ git config --list
显示中有一个
remote.origin.url=xxxxxx
如果url不是git开头的,去项目网址复制下ssh地址,然后设置url为新的地址
$git config remote.origin.url 新地址
。
生成ssh的步骤官网有详细说明:https://help.github.com/articles/generating-ssh-keys
大概如下:
1.转到目录(如果没有.ssh,就创建一个,不能用普通创建文件夹方式创建以.开头的,用命令行)
$ cd ~/.ssh 这个在win7上无效,~代表用户目录,win7一般为:C:UsersAdministrator.ssh (管理员身份登录) )
2. 生成key:
ssh-keygen -t rsa -C "your_email@example.com" # Creates a new ssh key, using the provided email as a label # Generating public/private rsa key pair. # Enter file in which to save the key (/c/Users/you/.ssh/id_rsa): [Press enter] ssh-add id_rsa (输入文件的名字,一般输入id_rsa就可以了)
然后会提示输入2次密码,(这里我们直接输入回车,不然以后每次都要输入密码,麻烦)输入完成后就在.ssh文件夹下面生成了2个文件:id_rsa和id_rsa.pub
把id_ras.pub内容复制下。
3.去Account Settings 新增一个key,key名字随意,Key内容就粘贴下刚才复制的就可以了。
4.测试
$ssh -T git@github.com (输入这个,千万注意,邮箱不要改) # Attempts to ssh to github
You may see this warning:
# The authenticity of host 'github.com (207.97.227.239)' can't be established. # RSA key fingerprint is 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48. # Are you sure you want to continue connecting (yes/no)?
Don't worry, this is supposed to happen. Verify that the fingerprint matches the one here and type "yes".
# Hi username! You've successfully authenticated, but GitHub does not # provide shell access.
If that username is correct, you've successfully set up your SSH key. Don't worry about the shell access thing, you don't want that anyway.
遇到了几个错误:
permission denied,一般都会遇到这种错误,看官网说明:
https://help.github.com/articles/error-permission-denied-publickey
错误:Could not open a connection to your authentication agent.
解决方法】需要ssh-agent启动bash,或者说把bash挂到ssh-agent下面。
【具体方法】
islue@localhost $ ssh-agent bash --login -iislue@localhost $ ssh-add
(如果上面还是报错:
Could not open a connection to your authentication agent.则
http://funkaoshi.com/blog/could-not-open-a-connection-to-your-authentication-agent
SSH private-keys are usually stored encrypted on the computers they are stored on. A pass-phrase is used to decrypt them when they are to be used. Since most people use SSH public-private key-pairs to get around typing in passwords all the time, the ssh-agentdaemon exists to store decrypted private-keys you plan on using in a given session. The thing most people get tripped up on when using ssh-agent is that what the program outputs, some borne or csh shell commands, needs to be run. It may look like ssh-agent has set some variables for you, but it has in fact done no such thing. If you call ssh-add without processing ssh-agent’s output, it will complain it is unable to open a connection to your authentication agent. The most straightforward way to run ssh-agent on the command line is as follows: eval `ssh-agent`. After doing this, calls to ssh-add should succeed without error.
执行ssh-add ~/.ssh/rsa
报标题上的错误
先执行 eval `ssh-agent` (是~键上的那个`) 再执行 ssh-add ~/.ssh/rsa成功
ssh-add -l 就有新加的rsa了
)
【ssh-agent介绍】
ssh-agent就是一个管理私钥的代理,受管理的私钥通过ssh-add来添加,所以ssh-agent的客户端都可以共享使用这些私钥。
好处1:不用重复输入密码。
用 ssh-add 添加私钥时,如果私钥有密码的话,照例会被要求输入一次密码,在这之后ssh-agent可直接使用该私钥,无需再次密码认证。
好处2:不用到处部署私钥
假设私钥分别可以登录同一内网的主机 A 和主机 B,出于一些原因,不能直接登录 B。可以通过在 A 上部署私钥或者设置 PortForwarding 登录 B,也可以转发认证代理连接在 A 上面使用ssh-agent私钥登录 B。
islue@localhost $ ssh -A HOST_Aislue@HOST_A $ ssh HOST_B
islue@HOST_B $
ssh-add完后,可以用ssh-add -l来查看结果:
客户端第一次push会在.ssh生成一个known_hosts文件:
这样,以后就不用输入用户名和密码了。
如果出现:
git clone git@x.x.x.x:test.git
Permission denied (publickey,gssapi-with-mic).
fatal: The remote end hung up unexpectedly.
原因是没有起到ssh。
运行:
ssh-agent bash .
或者不从cmd运行,直接从git bash运行。