openclaw 网盘下载
OpenClaw

技能详情(站内镜像,无评论)

首页 > 技能库 > Github Private Repo SSH Routing

Diagnose and manage SSH keys, host aliases, and Git remotes for GitHub private repositories in multi-repo environments. Use when deploy keys collide, a machi...

开发与 DevOps

许可证:MIT-0

MIT-0 ·免费使用、修改和重新分发。无需归因。

版本:v1.0.1

统计:⭐ 0 · 135 · 0 current installs · 0 all-time installs

0

安装量(当前) 0

🛡 VirusTotal :良性 · OpenClaw :良性

Package:darinrowe/github-private-repo-ssh-routing

安全扫描(ClawHub)

  • VirusTotal :良性
  • OpenClaw :良性

OpenClaw 评估

The skill's files and runtime instructions are coherent with its stated purpose (diagnosing SSH host aliases and Git remotes for private GitHub repos) and request only the local, read-only checks needed for that task.

目的

The name/description, README guidance, reference docs, and bundled audit script all focus on SSH alias, key, and Git remote diagnosis for GitHub private repos. The actions (ls ~/.ssh, sed ~/.ssh/config, git remote, ssh -G, ssh -T, git ls-remote) are appropriate for that purpose. Minor metadata omission: the skill metadata lists no required binaries even though the script expects git and ssh; this is an implementation documentation gap, not a f…

说明范围

SKILL.md and the script limit themselves to local, read-only inspection and diagnostic commands. They reference only local SSH files, permissions, and git metadata and do not instruct sending data to external endpoints. The script prints filenames and permission info (which is sensitive but relevant to diagnosis); overall the scope stays within the stated troubleshooting domain.

安装机制

There is no install spec (instruction-only with a helper script included), so nothing is downloaded or installed. This minimizes install-time risk.

证书

The skill does not request environment variables, credentials, or config paths beyond reading standard SSH and repo files under the user's home directory. Example text references OpenClaw config for context but the skill does not demand access to unrelated secrets or services.

持久

The skill is not always-enabled and is user-invocable. It does not request persistent installation nor modify other skills or global agent settings. The workflow recommends manual edits by the user; the provided script performs only read-only auditing.

综合结论

This skill appears to do what it says: local, read-only diagnosis of SSH aliases, keys, and Git remotes. Before running anything: (1) review the audit output yourself — it will list ~./ssh filenames and permissions which are sensitive (don’t paste them in public), (2) run the bundled script only on machines you control, (3) expect the script to require git and ssh on PATH (the metadata omission is just documentation), and (4) follow the SKILL.…

安装(复制给龙虾 AI)

将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。

请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「Github Private Repo SSH Routing」。简介:Diagnose and manage SSH keys, host aliases, and Git remotes for GitHub private …。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/darinrowe/github-private-repo-ssh-routing/SKILL.md
(来源:yingzhi8.cn 技能库)

SKILL.md

打开原始 SKILL.md(GitHub raw)

---
name: github-private-repo-ssh-routing
description: Diagnose and manage SSH keys, host aliases, and Git remotes for GitHub private repositories in multi-repo environments. Use when deploy keys collide, a machine manages multiple private repos, automation or backup scripts push to GitHub, or errors like "Permission denied (publickey)" / "Repository not found" appear despite the repo existing.
---

# GitHub Deploy Key Routing

Treat GitHub private repo access as a routing problem, not just a Git problem.

## Core rules

- Use one deploy key per private repository unless a machine user is intentionally chosen.
- Use one SSH host alias per key.
- Point each repo remote at the correct alias explicitly.
- Do not rely on a catch-all `Host github.com` when multiple deploy keys exist.
- Verify SSH first, then Git, then push.
- If automation is involved, fix both the live repo remote and the config/script source that writes it.

## Canonical pattern

```ssh
Host github.com-backup
    HostName github.com
    User git
    IdentityFile ~/.ssh/openclaw_backup_ed25519
    IdentitiesOnly yes
```

```bash
git remote set-url origin git@github.com-backup:OWNER/REPO.git
```

Use this skill when the machine has more than one private GitHub repo, more than one SSH key, or any recurring GitHub automation.

## Quick triage

If you need the fastest route:

1. Read `references/symptoms.md` and match the exact error.
2. Read `references/patterns.md` and compare the current alias + remote layout.
3. Read `references/decision-guide.md` only if the identity model itself is still undecided.
4. Read `references/openclaw-automation.md` only when a script, backup flow, or config value may be rewriting the remote.

## Workflow

### 1. Identify the repo + remote actually in use

Check the local repo path, current remotes, and whether the failing action came from:

- an interactive repo command
- a backup/sync script
- a config file that stores the repo URL
- a cron/automation job

If the repo path and the config source differ, do not treat them as the same fix.

### 2. Identify the key-routing layer

Read `references/patterns.md` for the standard alias layout.
Read `references/key-storage-by-system.md` when OS-specific key locations or mixed Windows/WSL/macOS behavior may matter.

Ask:

- Which SSH alias is the repo using now?
- Which key does that alias select?
- Is that key actually authorized for this repo?
- Is a broad `Host github.com` rule hijacking traffic?

### 3. Diagnose by symptom

Read `references/symptoms.md` and match the exact failure string before changing anything.

### 4. Choose the right identity model

Read `references/decision-guide.md` when the user is deciding between:

- deploy key
- personal SSH key
- machine user

Read `references/identity-model-boundaries.md` when the question is really about where SSH routing ends and GitHub API authority begins — especially for PR merge automation, release creation, or fine-grained PAT vs deploy key decisions.

### 5. Check automation-specific drift

Read `references/openclaw-automation.md` when the repo is used by OpenClaw backup/restore, plugins, cron jobs, or config-driven workflows.

### 6. Fix in the safe order

1. Fix or add the SSH alias.
2. Verify with `ssh -G <alias>`.
3. Test with `ssh -T git@<alias>`.
4. Update the repo remote URL.
5. Update any config/script source that still writes the old remote.
6. Verify with `git ls-remote origin`.
7. Only then push or pull.

## Minimal command set

```bash
ls -la ~/.ssh
sed -n '1,200p' ~/.ssh/config
git remote -v
ssh -G <host-alias> | sed -n '1,40p'
ssh -T git@<host-alias>
git ls-remote origin
```

## Bundled script

For a read-only audit of one local repo, run:

```bash
scripts/audit-routing.sh /path/to/repo
```

The script summarizes:

- repo remotes
- inferred SSH alias from `origin`
- `~/.ssh` files and permissions
- `~/.ssh/config` preview
- `ssh -G` summary for the detected alias

Use the script to inspect before editing.

## What to report

- Root cause in one sentence
- Whether the failure is local config, GitHub permission, or both
- The minimal fix
- Exactly what changed