I've been trying to solve an issue with Git repo that is hosted on an on-prem TFS2017, cannot do a "git clone" command from a linux machine which is not in the domain, keep getting "fatal: Authentication failed for".
我一直在尝试解决一个关于Git repo的问题,它托管在一个on-prem TFS2017上,不能从不在域中的linux机器上执行“Git克隆”命令,继续得到“致命:身份验证失败”。
The user i am using is a local user on the Linux machine (same name as domain user, same password) the user is granted user in the Git repo While working same drill from a domain joined Windows machine, everything works fine (i use Git Bash).
我正在使用的用户是Linux机器上的本地用户(相同的名称为域用户,相同的密码),用户在Git repo中被授予用户,而从一个域连接到Windows机器上的相同的操作,一切都很好(我使用Git Bash)。
Ive created ssh key on the Linux and updated it in the TFS user profile as public, didnt help.
我在Linux上创建了ssh密钥,并在TFS用户配置文件中将它更新为public,这没有帮助。
以下是TFS活动日志:
In the picture we can see the TOP request has no Authentication, no identity and Application (when trying to access from Linux), yet on the bottom, same access from Git Bash (Win machine), Authentication type is "Negotiate", there is Identity name and the Application.
在图中,我们可以看到上面的请求没有身份验证、没有身份和应用程序(当尝试从Linux访问时),但是在底部,来自Git Bash (Win machine)的相同访问,身份验证类型是“协商”,有身份名称和应用程序。
TY guys.
泰人。
2 个解决方案
#1
1
First, please double confirm you have followed this tutorial-- Use SSH key authentication to connect to your Git repos. Avoid adding whitespace or new lines into the Key Data field-they can cause VSTS to use an invalid public key.
首先,请再次确认您遵循了本教程——使用SSH密钥身份验证连接到Git repos。避免在键数据字段中添加空格或新行——它们可能导致VSTS使用无效的公钥。
Besides, you could also try to configure Basic Authentication on your TFS Application Tier server or use Git Credential Managers to authenticate from Linux. This will narrow down if the issue is related your ssh authentication type or environment on your Linux machine.
此外,还可以尝试在TFS应用程序层服务器上配置基本身份验证,或者使用Git凭据管理器从Linux进行身份验证。如果问题与您的Linux机器上的ssh身份验证类型或环境有关,那么这将缩小范围。
Try to disable the firewall on the Linux build agent during the git clone command test.
在git克隆命令测试期间,尝试禁用Linux构建代理上的防火墙。
#2
1
Ive managed to overcome the issue, one of the steps was to configure the SSH authentication..
1. On the Linux Machine, ive added the TFS server to HOSTS file and installed Git client.
Then ive followed this guide guide for ContOS >> AD authentication, i followed up to step 4.
2. On the Linux machine generate Public Key using "ssh-keygen", and use this key as
3. On the TFS web page, at the user icon, we have security tab, went to SSH public keys and added the generated key from Linux (must be from public key, not private).
4. Eventually from the Linux i type in the full repo address, for example git clone ssh://tfs.domain.com:22/Defaultcollection/_projectname/git
It will prompt you to authorize the RSA connection, and that's it.
Hope that helps.
Ive成功解决了这个问题,其中一个步骤是配置SSH身份验证。1。在Linux机器上,ive将TFS服务器添加到主机文件中,并安装了Git客户机。然后,我遵循了ContOS >> AD认证指南,接着执行步骤4。2。在Linux机器上,使用“ssh-keygen”生成公钥,并使用此密钥作为3。在TFS web页面上,在user图标上,我们有security选项卡,进入SSH公钥,并添加来自Linux的生成密钥(必须来自公钥,而不是私钥)。4所示。最终,在Linux i中输入完整的repo地址,例如git克隆ssh:/ tfs.domain.com:22/Defaultcollection/_projectname/git,它将提示您对RSA连接进行授权,仅此而已。希望有帮助。
#1
1
First, please double confirm you have followed this tutorial-- Use SSH key authentication to connect to your Git repos. Avoid adding whitespace or new lines into the Key Data field-they can cause VSTS to use an invalid public key.
首先,请再次确认您遵循了本教程——使用SSH密钥身份验证连接到Git repos。避免在键数据字段中添加空格或新行——它们可能导致VSTS使用无效的公钥。
Besides, you could also try to configure Basic Authentication on your TFS Application Tier server or use Git Credential Managers to authenticate from Linux. This will narrow down if the issue is related your ssh authentication type or environment on your Linux machine.
此外,还可以尝试在TFS应用程序层服务器上配置基本身份验证,或者使用Git凭据管理器从Linux进行身份验证。如果问题与您的Linux机器上的ssh身份验证类型或环境有关,那么这将缩小范围。
Try to disable the firewall on the Linux build agent during the git clone command test.
在git克隆命令测试期间,尝试禁用Linux构建代理上的防火墙。
#2
1
Ive managed to overcome the issue, one of the steps was to configure the SSH authentication..
1. On the Linux Machine, ive added the TFS server to HOSTS file and installed Git client.
Then ive followed this guide guide for ContOS >> AD authentication, i followed up to step 4.
2. On the Linux machine generate Public Key using "ssh-keygen", and use this key as
3. On the TFS web page, at the user icon, we have security tab, went to SSH public keys and added the generated key from Linux (must be from public key, not private).
4. Eventually from the Linux i type in the full repo address, for example git clone ssh://tfs.domain.com:22/Defaultcollection/_projectname/git
It will prompt you to authorize the RSA connection, and that's it.
Hope that helps.
Ive成功解决了这个问题,其中一个步骤是配置SSH身份验证。1。在Linux机器上,ive将TFS服务器添加到主机文件中,并安装了Git客户机。然后,我遵循了ContOS >> AD认证指南,接着执行步骤4。2。在Linux机器上,使用“ssh-keygen”生成公钥,并使用此密钥作为3。在TFS web页面上,在user图标上,我们有security选项卡,进入SSH公钥,并添加来自Linux的生成密钥(必须来自公钥,而不是私钥)。4所示。最终,在Linux i中输入完整的repo地址,例如git克隆ssh:/ tfs.domain.com:22/Defaultcollection/_projectname/git,它将提示您对RSA连接进行授权,仅此而已。希望有帮助。