权限被拒绝（公钥）。 GitLab 突然出现错误。我正确配置了私钥和公钥

Posted 2023-03-23

【中文标题】权限被拒绝（公钥）。 GitLab 突然出现错误。我正确配置了私钥和公钥

【英文标题】：Permission denied (publickey). error appears suddenly with GitLab. I config private and public key correctly

【发布时间】：2021-06-03 14:20:54

【问题描述】：

从今天开始，我遇到了“权限被拒绝（公钥）”问题。确实两天前一切正常。

这里有一些信息：

我在 2 个月前生成了私钥和公钥。两天前我创建了一个新的私人项目，一切正常。实际上，在 https://.../profile/keys 中的 GitLab 个人资料中，我可以看到我的 SSH 密钥在 2 天前被使用。

但是现在如果我尝试输入：ssh -Tv git@xxx

我的权限被拒绝：

OpenSSH_8.4p1, OpenSSL 1.1.1i  8 Dec 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to xxx [130.192.16.165] port 22.
debug1: Connection established.
debug1: identity file /c/Users/xxx/.ssh/id_rsa type -1
debug1: identity file /c/Users/xxx/.ssh/id_rsa-cert type -1
debug1: identity file /c/Users/xxx/.ssh/id_dsa type -1
debug1: identity file /c/Users/xxx/.ssh/id_dsa-cert type -1
debug1: identity file /c/Users/xxx/.ssh/id_ecdsa type -1
debug1: identity file /c/Users/xxx/.ssh/id_ecdsa-cert type -1
debug1: identity file /c/Users/xxx/.ssh/id_ecdsa_sk type -1
debug1: identity file /c/Users/xxx/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /c/Users/xxx/.ssh/id_ed25519 type 3
debug1: identity file /c/Users/xxx/.ssh/id_ed25519-cert type -1
debug1: identity file /c/Users/xxx/.ssh/id_ed25519_sk type -1
debug1: identity file /c/Users/xxx/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /c/Users/xxx/.ssh/id_xmss type -1
debug1: identity file /c/Users/xxx/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.10 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug1: Authenticating to xxx:22 as 'vgit'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:g6mCwdFaFWdQG0rfBcIGGXDQNvJR0tan+sF8N53Tvow
debug1: Host 'xxx' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/xxx/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /c/Users/xxx/.ssh/id_rsa
debug1: Will attempt key: /c/Users/xxx/.ssh/id_dsa
debug1: Will attempt key: /c/Users/xxx/.ssh/id_ecdsa
debug1: Will attempt key: /c/Users/xxx/.ssh/id_ecdsa_sk
debug1: Will attempt key: /c/Users/xxx/.ssh/id_ed25519 ED25519 SHA256:uEcoFZk1Nh6/5KRdoKFtktiOtX8qoUupC4ohwKrvvWA
debug1: Will attempt key: /c/Users/xxx/.ssh/id_ed25519_sk
debug1: Will attempt key: /c/Users/xxx/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /c/Users/xxx/.ssh/id_rsa
debug1: Trying private key: /c/Users/xxx/.ssh/id_dsa
debug1: Trying private key: /c/Users/xxx/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/xxx/.ssh/id_ecdsa_sk
debug1: Offering public key: /c/Users/xxx/.ssh/id_ed25519 ED25519 SHA256:uEcoFZk1Nh6/5KRdoKFtktiOtX8qoUupC4ohwKrvvWA
debug1: Authentications that can continue: publickey
debug1: Trying private key: /c/Users/xxx/.ssh/id_ed25519_sk
debug1: Trying private key: /c/Users/xxx/.ssh/id_xmss
debug1: No more authentication methods to try.
vgit@xxx: Permission denied (publickey).

为什么两天前我有权限，现在我没有？

我在 Window 10 上使用 Git Bash

【问题讨论】：

您的客户能够提供的一个密钥是Offering public key: /c/Users/xxx/.ssh/id_ed25519。显然，该密钥未在服务器上列出。我们不能告诉你为什么；只有服务器可以告诉你。

我该如何解决？我试图生成另一个密钥，但它没有用。如何查看服务器密钥列表？

我不确定（如何解决）。您提供给服务器 的密钥必须存储在服务器上的某处>

公钥存储在服务器上。我可以在我的个人资料中看到它：https://.../profile/keys。确实两天前我得到了许可

好的，如果密钥在那里，服务器端出现问题，找到（和/或使用）那里的密钥。再说一次，我不能告诉你什么或为什么，只是它拒绝你使用那个键。

【参考方案1】：

我今天复制了相同的命令，现在它可以工作了。我不能说为什么昨天它没有工作。计算机科学的奥秘。