Gitolite One User - Many Keys - Different usernames


The current recommended way according to the documentation

"The simplest and most understandable is to put their keys in different subdirectories [inside your /keydir], (alice.pub, home/alice.pub, laptop/alice.pub, etc)."

reference: https://gitolite.com/gitolite/basic-admin.html#multiple-keys-per-user

The old way

If you are asking how you accomplish the following:

  1. David (home computer)
  2. David (work computer)
  3. David (laptop)

With different ssh keys on each computer, you would simply create the key (i.e. ssh-keygen -C "david@someemail.com") and then copy the public key to your gitolite keydir directory (gitolite-admin/keydir). When you do that, simply name the keys david@homecomputer.pub, david@workcomputer.pub, and david@laptop.pub. Add the keys to the repository (git add keydir/.), commit (git commit -m "added David's additional keys") and git push back to the server.

Gitolite is smart enough to know that, even though it is a different key, the user name (before the @) is still david, and will let that user log in and use the ACL for david.

Hope this helps

To fix a scenario where you might have john_home.pub and john_work.pub, open up your gitolite repo (admin repo) and rename the keys in your keydir to john@work.pub and john@home.pub, then commit and push. Now your user john can log in from either machine and use the same username.

Keep in mind, in order for this to work, the email address in the SSH Keys needs to be the same for all of the user's keys. So using the example above, in the keys david@homecomputer.pub, david@workcomputer.pub, and david@laptop.pub all should have the email address of david@foobar.com.

Above was the "old way" to do this, and it may cause a complication if you have named your keys in the "email address way". Contrary to what I stated above, gitolite DOES NOT inspect your key for the proper email address. Please ignore (I left the original comment in for clarity).


For Gitolite v3 at least, the easiest solution is to use the subfolder system documented here: http://sitaramc.github.com/gitolite/users.html

Gitolite will search recursively through the keydir and associate all the .pub files as one user. I am using the subfolder system now with a Windows laptop and a Linux dev machine, and it is working fine.

The user@host convention seems way too complicated.

I'm doing something like this:

    keydir
    |--mfang
    |    |--laptop01
    |    |      |--mfang.pub
    |    |--linux01
    |    |      |--mfang.pub
    |...etc


Since gitolite v3.5.2-10-g437b497 (September 2013, commit 59c817d0), there is an even simpler solution:

ukm, for "user key management".

User key management allows certain users to add and remove keys.

It can introduce a level of delegation, when not just the gitolite admin user can add new ssh public keys, but other users can now do so as well.

It also facilitates adding/removing public ssh keys.

You can see it in action in "contrib/t/ukm.t":

Gitolite documentation includes a section on that topic, but with ukm, it is easier (section "Users that want to manage multiple keys"):

Your gitolite administrator creates your gitolite identity with one of your keys as your initial key. This key can only be managed by the gitolite administrator, not by you. It basically determines under which name you are known to gitolite.

You can add new keys to this identity and remove them at your will.

    # The admin can add multiple keys for the same userid.
    try "
    ADDOK u5 admin u4\@example.org
    ADDOK u5 admin u4\@example.org\@home
    ADDOK u5 admin laptop/u4\@example.org
    ADDOK u5 admin laptop/u4\@example.org\@home
    ";
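
How the key file names used in the answers above map to gitolite user names, as an added example that is not part of the original answers or of gitolite itself. It assumes gitolite v3 derives the name by ignoring subdirectories and stripping an optional trailing @location (one containing no dot) before .pub; the function names and the sample keydir listing are hypothetical and constructed for illustration.

```python
import re
from collections import defaultdict
from pathlib import PurePosixPath

# Assumed gitolite v3 naming rule (a reading of its behaviour, not its code):
# drop the directory part, drop a trailing "@location" that contains no dot,
# then drop ".pub".
_SUFFIX = re.compile(r"(@[^.]+)?\.pub$")


def gitolite_user(key_path):
    """Return the user name a keydir path is expected to map to."""
    name = PurePosixPath(key_path).name
    if not name.endswith(".pub"):
        raise ValueError(f"not a public key file: {key_path}")
    return _SUFFIX.sub("", name)


def group_keys(key_paths):
    """Map each derived user name to the sorted key files behind it."""
    users = defaultdict(list)
    for path in key_paths:
        users[gitolite_user(path)].append(path)
    return {user: sorted(paths) for user, paths in users.items()}


def possible_split_identities(users):
    """Heuristic: user names sharing the text before the first '_' or '-'
    (john_home, john_work) may be one person split across several users."""
    stems = defaultdict(set)
    for user in users:
        stems[re.split(r"[_-]", user, maxsplit=1)[0]].add(user)
    return {s: sorted(names) for s, names in stems.items() if len(names) > 1}


# Constructed sample keydir listing, using file names from the page.
SAMPLE_KEYDIR = [
    "keydir/david@homecomputer.pub",
    "keydir/david@workcomputer.pub",
    "keydir/mfang/laptop01/mfang.pub",
    "keydir/mfang/linux01/mfang.pub",
    "keydir/u4@example.org.pub",
    "keydir/laptop/u4@example.org@home.pub",
    "keydir/john_home.pub",
    "keydir/john_work.pub",
]

if __name__ == "__main__":
    users = group_keys(SAMPLE_KEYDIR)
    for user, paths in sorted(users.items()):
        print(f"{user}: {len(paths)} key(s) -> {', '.join(paths)}")
    print("review as possible duplicates:", possible_split_identities(users))
```

Every key grouped under one name gets that user's ACL, so reviewing this grouping before a push shows both accidental splits (john_home and john_work) and keys that would be merged into an existing identity.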