【发布时间】:2020-08-18 20:11:44
【问题描述】:
我按照link 尝试通过 SSH 连接到我在 Gitlab-CI 中的服务器。对于 SSH 密钥,我进入服务器,并生成公钥和私钥。私钥被提取到 GitLab CI/CD 环境变量中。
YAML 模板如下,大部分是从链接中复制过来的。
image: docker:19.03.8
services:
- docker:19.03.8-dind
deployment:
variables:
ip: <ip-address>
script:
- apk add --update openssh-client sshpass
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" | ssh-add - > /dev/null
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- export SSHPASS=$AWS_PASSWORD
- sshpass -e ssh -o StrictHostKeyChecking=no -vvv ubuntu@$ip echo testing
但是,我在尝试访问私钥时遇到了错误。
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_rsa
debug3: no such identity: /root/.ssh/id_rsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ed25519
debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: /root/.ssh/id_xmss
debug3: no such identity: /root/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
如果有帮助,我正在使用 gitlab 共享跑步者。
[更新]
忘记在我要连接的服务器中添加,我将生成的公钥 id_rsa.pub 添加到 authorized_keys 文件中。
[编辑 1]
按照建议,我使用 ssh-keyscan 添加了已知主机,以将输出复制为变量 $SSH_KNOWN_HOSTS。在更新的 yaml 文件下方。但是我遇到了同样的错误。
deployment:
variables:
ip: <ip-address>
script:
- apk add --update openssh-client sshpass
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" | ssh-add - > /dev/null
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- touch ~/.ssh/known_hosts
- echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
- export SSHPASS=$AWS_PASSWORD
- sshpass -e ssh -o StrictHostKeyChecking=no -vvv ubuntu@$ip echo testing
【问题讨论】:
-
@DV82XL 尝试了您之前关于 SSH_KNOWN_HOST 的建议(编辑)。您添加的另外两个链接我也尝试过 b4。现在想一想如果我使用公私钥方法,我应该不需要使用sshpass登录,不知道为什么它不起作用。
-
你的最终目标是什么?您是否尝试通过 SSH 连接到远程服务器以运行 Linux 命令或 bash 脚本?防火墙或代理呢?您在公司网络上吗?
-
目标是在服务器中运行一个 bash 脚本来部署我的容器。不,我不在公司网络上。应该不会有任何阻碍,因为我可以在本地机器上正常使用 ssh/sshpass