2

工作开始使用 Azure DevOps,我试图在我的家用计算机上克隆一个 repo。我创建了一个 ssh 密钥,将其添加到密钥列表中,并将我的 git 配置更改为我的工作电子邮件。但是,azure 仍然要求输入密码...

     (base) Name-MacBook-Pro:Company Name$ git clone git@ssh.dev.azure.com:v3/Company/AI/Repo
     Cloning into 'Repo'...
     Enter passphrase for key '/Users/Name/.ssh/id_rsa': 
     git@ssh.dev.azure.com's password: 
     Permission denied, please try again.
     git@ssh.dev.azure.com's password: 
     git@ssh.dev.azure.com: Permission denied (password,publickey).

____________编辑________________

尝试再次生成,但我仍然遇到问题

创建新的 ssh 密钥

ssh-keygen -t rsa -b 4096 -C “work@email.com” - f ~/.ssh/work_id_rsa

复制

猫 ~/.ssh/work_id_rsa | pbcopy

添加到组织并尝试克隆

ssh-agent bash -c 'ssh-add ~/.ssh/work_id_rsa; git clone https://company@dev.azure.com/Repo '

Cloning into 'Repo'...
Password for 'https://company@dev.azure.com': 
fatal: Authentication failed for 'https://comapny@dev.azure.com/Repo'
4

2 回答 2

3

如果这是我们这边(微软)可能造成的问题。我再次尝试使用 SSH 克隆并成功:

在此处输入图像描述

此问题应由您的 SSH 密钥格式引起。由于我不清楚您使用哪种方法生成密钥,但在您的问题中,应该是因为公钥身份验证失败,所以它要求您输入帐户的密码。

确保您的私钥具有以下格式:

-----BEGIN RSA PRIVATE KEY-----

*
*
*

-----END RSA PRIVATE KEY-----

如果没有,请使用以下命令重新生成:

ssh-keygen -t rsa

然后将公钥配置到 org.

于 2019-09-20T09:14:14.517 回答
1

编辑

一段时间以来,我一直在使用多个 Azure DevOps 帐户,我只想指出您可以使用正确密钥的另外 2 种方法:

  1. 使用-i标志

-i identity_file
选择从中读取用于 RSA 或 DSA 身份验证的身份(私钥)的文件。协议版本 1 的默认值是 ~/.ssh/identity,协议版本 2 的默认值是 ~/.ssh/id_rsa 和 ~/.ssh/id_dsa。身份文件也可以在配置文件中基于每个主机指定。可以有多个 -i 选项(以及在配置文件中指定的多个身份)。

参考:https ://linux.die.net/man/1/ssh

  1. 使用配置文件 ( ~/.ssh/config) 并更改主机名 (远程)
    而不是git clone git@ssh.dev.azure.com:v3/Company/AI/Repogit clone git@whatever_name_you_configured:v3/Company/AI/Repo

微软有一篇关于它的帖子可能会有所帮助: https ://docs.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops#qi-拥有多个 ssh-keys--如何使用不同的 ssh-keys-for-different-ssh-servers-or-repos

原答案:

生成密钥的方法实际上很好(OpenSSH),而且我的 SSH 密钥不止一个.ssh,所以我认为这也没关系。使用相同的算法,您可能不能拥有多个密钥。我认为实际问题是key 的名称

你用过:
ssh-keygen -t rsa -b 4096 -C “work@email.com” - f ~/.ssh/work_id_rsa
这很棒(大量字节:)

但是当您测试连接时,将永远找不到“work_id_rsa”,例如:
ssh -v git@ssh.dev.azure.com

只是为了测试我重命名并删除了我的。

重击

简而言之,结果如下:

pires@avell:~$ ssh -v git@ssh.dev.azure.com
OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to ssh.dev.azure.com [51.144.61.32] port 22.
debug1: Connection established.
(removed for brevity)
debug1: Authenticating to ssh.dev.azure.com:22 as 'git'
(removed for brevity)
debug1: Host 'ssh.dev.azure.com' is known and matches the RSA host key.
debug1: Found key in /home/pires/.ssh/known_hosts:3
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 4294967296 blocks

(((((important detail here:)))))
debug1: Will attempt key: /home/pires/.ssh/id_rsa
debug1: Will attempt key: /home/pires/.ssh/id_dsa
debug1: Will attempt key: /home/pires/.ssh/id_ecdsa
debug1: Will attempt key: /home/pires/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/pires/.ssh/id_ed25519 ED25519 SHA256: *************
debug1: Will attempt key: /home/pires/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/pires/.ssh/id_xmss
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: password,publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/pires/.ssh/id_rsa
debug1: Trying private key: /home/pires/.ssh/id_dsa
debug1: Trying private key: /home/pires/.ssh/id_ecdsa
debug1: Trying private key: /home/pires/.ssh/id_ecdsa_sk
debug1: Offering public key: /home/pires/.ssh/id_ed25519 ED25519 SHA256:************
(((((and here:)))))
debug1: Authentications that can continue: password,publickey
debug1: Trying private key: /home/pires/.ssh/id_ed25519_sk
debug1: Trying private key: /home/pires/.ssh/id_xmss
debug1: Next authentication method: password
git@ssh.dev.azure.com's password:

所以,实际上 OpenSSH 永远不会找到它。我的意思是,我没有把 a 放在work_id_rsa那里,但这没关系,因为它不会在文件夹中查找所有内容,在您的情况下,它希望 a/home/pires/.ssh/id_rsa正好在那里。或者更好,无论~指向 +/.ssh/id_encryptionmethod

此外,由于它找不到要验证的私钥,因此它回退到password

于 2020-09-04T11:03:36.583 回答