This post is older than a year. Consider some information might not be accurate anymore.
Used: git version 2.25.1
My scenario is that I have different users on GitLab.
For example:
- Private user
- Company user, with different groups
- User x from Customer y
Each user has its own ssh key.
The Problem
The .ssh/config
would only allow one identity/account to work.
Host localhost
NoHostAuthenticationForLocalhost yes
Host git-codecommit.*.amazonaws.com
User le-mapper
IdentityFile ~/.ssh/id_rsa.pub
# GitLab.com
Host gitlab.com
Preferredauthentications publickey
User le-mapper
IdentityFile ~/.ssh/id_rsa.pub
The git operation will fail for all other users with different identity files. For instance a repository for my company user, fetching with my identity file for my private user complains:
$ git fetch
remote:
remote: ========================================================================
remote:
remote: The project you were looking for could not be found or you don't have permission to view it.
remote:
remote: ========================================================================
remote:
fatal: Could not read from remote repository.
To examine the ssh communication with gitlab.com:
ssh -Tvvv git@gitlab.com
The Solution
Reading through the GitLab docs, it is possible to use multiple accounts for GitLab.
The trick is to use aliases for hosts in the ~.ssh/config
file. For the Host, use an alias like user_1.gitlab.com
and user_2.gitlab.com
. You could also use the company name as an alias mycompany.gitlab.com
.
# GitLab.com
Host <user_1.gitlab.com>
Hostname gitlab.com
Preferredauthentications publickey
User le-mapper # private user
IdentityFile ~/.ssh/id_rsa.pub
Host <user_2.gitlab.com>
Hostname gitlab.com
Preferredauthentications publickey
User another-mapper # company user
IdentityFile ~/.ssh/id_ed25519.pub
Now the aliases points to different identity files.
In the local repository we have to switch the remote url to the alias.
For instance
git remote set-url origin "git@<user_2.gitlab.com>:lemapper/demo.git"
Demo: Check my local repository
tan@omega:~/development/projects/mapperking$ git remote -v
aws ssh://git-codecommit.us-east-1.amazonaws.com/v1/repos/mapperking (fetch)
aws ssh://git-codecommit.us-east-1.amazonaws.com/v1/repos/mapperking (push)
origin git@gitlab.com:cinhtau-website/mapperking.git (fetch)
origin git@gitlab.com:cinhtau-website/mapperking.git (push)
Now to switch it:
$ git remote set-url origin "git@<user_1.gitlab.com>:cinhtau-website/mapperking.git"
Summary
So in short:
- Use semantic alias names
- The alias is resolved to a configured user with identity file
This solved my git integration problems in my IDEs like IntelliJ and Atom.
Sources: