I have set up gitolite hopefully as per the instructions, and everything is working as planned.
I am slightly unsure as to how the usernames part works, and looking through the docs hasn't helped me - perhaps I'm missing something simple.
If I have two client machines, for use by one real person, but on each of those machines the usernames are, let's say dave and david. How can I organise the keys in keydir and any config file so that they both represent the same user? I get the suffix thing, dave@laptop, dave@desktop (I think), just not how to have different client machine usernames connecting, as it seems to look for this when authenticating (perhaps because of the public key containing user@host information?)
I can give more details if needed - I just didn't want to bombard you all with irrelevant information.
Thanks very much.
"The simplest and most understandable is to put their keys in different subdirectories [inside your /kedir], (alice.pub, home/alice.pub, laptop/alice.pub, etc)."
reference: https://gitolite.com/gitolite/basic-admin.html#multiple-keys-per-user
If you are asking how you accomplish the following:
With different ssh keys on each computer you would simply create the key (ie: keygen "[email protected]") and then copy the public key to your gitolite keydir directory (gitolite-admin/keydir). When you do that simply name the key [email protected]
, [email protected]
, and [email protected]
. Add the keys to the repository (git add keydir/.
), commit (git commit -m "added David's additional keys"
) and git push
back to the server.
Gitolite is smart enough to know that even though it is a different key the user name (before the @
) is still david
and will let that user log in and use the ACL for david
Hope this helps
To fix a scenario where you might have john_home.pub
john_work.pub
open up your gitolite repo (admin repo) and rename the keys in your kedir
to [email protected]
and [email protected]
commit and push. Now your user john
can login from either machine and use the same username.
Keep in mind, in order for this to work, the email address in the SSH Keys needs to be the same for all of the user's keys. So using the example above, in the keys [email protected]
, [email protected]
, and [email protected]
all should have the email address of [email protected]
.
Above was the "old way" do to this and may cause a complication if you have named your keys in the "email address way" contrary to what I stated above gitolite DOES NOT inspect your key for the proper email address. Please ignore (I left the original comment in for clarity).