如何使用Gitlab ci通过本地Gitlab runner SSH连接到本地服务器?
我有一个从本地Gitlab runner到本地服务器的SSH问题,以下是我的小故事的特点:如何使用Gitlab ci通过本地Gitlab runner SSH连接到本地服务器?,ssh,gitlab,gitlab-ci,gitlab-ci-runner,Ssh,Gitlab,Gitlab Ci,Gitlab Ci Runner,我有一个从本地Gitlab runner到本地服务器的SSH问题,以下是我的小故事的特点: 本地Gitlab Runner在流浪机器内设置 本地服务器模拟,这是一台具有静态IP的漫游机器 Gitlab管道存储库包含本地运行程序和本地服务器之间的SSH连接 最终结果应该是通过本地Gitlab Runner并使用SSH将演示文件部署到本地服务器 Trigger Gitlab pipeline repository->本地Gitlab Runner->SSH到本地服务器->将演示文件部署到本地服务
- 本地Gitlab Runner在流浪机器内设置
- 本地服务器模拟,这是一台具有静态IP的漫游机器
- Gitlab管道存储库包含本地运行程序和本地服务器之间的SSH连接
image: ubuntu:latest
stages:
- deploy
deploy:
stage: deploy
before_script:
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y && apt-get install -y iputils-ping )'
- eval $(ssh-agent -s)
- echo "$PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
# - echo "$AWS_EC2_PRIKEY" | tr -d '\r' | ssh-add - > /dev/null
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
script:
- ping -c 2 192.168.213.160
- ssh -vvvv -o StrictHostKeyChecking=no vagrant@192.168.213.160 "ls ~"
# - ping -c 2 ec2XXX.amazonaws.com
# - ssh -o StrictHostKeyChecking=no ec2-user@ec2XXX.amazonaws.com "ls ~"
tags:
- docker
only:
- master
两个重要注意事项:
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:6OLHurOSA2T9E/Q00bMRa129Ma21bYG2U+9wCqNr0A0
Warning: Permanently added '192.168.213.160' (ECDSA) to the list of known hosts.
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: (stdin) (0x555e8014a4a0), agent
debug2: key: /root/.ssh/id_rsa ((nil))
debug2: key: /root/.ssh/id_dsa ((nil))
debug2: key: /root/.ssh/id_ecdsa ((nil))
debug2: key: /root/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:l2h6Lwchp4znO049FtrtUCQFboW2OGLT6vKj27jc9ss (stdin)
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug3: no such identity: /root/.ssh/id_rsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ed25519
debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
vagrant@192.168.213.160: Permission denied (publickey).
ERROR: Job failed: exit code 1
debug1:服务器主机密钥:ecdsa-sha2-nistp256 SHA256:6OLHurOSA2T9E/Q00bMRa129Ma21bYG2U+9wCqNr0A0
警告:已将“192.168.213.160”(ECDSA)永久添加到已知主机的列表中。
debug3:发送数据包:类型21
调试2:设置新键:模式1
debug1:在134217728块之后重新键入
debug1:SSH2\u MSG\u已发送新密钥
debug1:应为SSH2\u MSG\u NEWKEYS
debug3:接收数据包:类型21
debug1:SSH2\u MSG\u接收到新密钥
debug2:设置新键:模式0
debug1:在134217728块之后重新键入
调试2:键:(标准输入)(0x555e8014a4a0),代理
debug2:key:/root/.ssh/id_rsa((nil))
debug2:key:/root/.ssh/id_dsa((nil))
debug2:key:/root/.ssh/id_ecdsa((nil))
debug2:key:/root/.ssh/id_ed25519((nil))
debug3:发送数据包:类型5
debug3:接收数据包:类型7
debug1:SSH2\u MSG\u EXT\u接收到信息
debug1:kex_输入_外部_信息:服务器信号algs=
debug3:接收数据包:类型6
debug2:service\u accept:ssh userauth
debug1:SSH2\u消息\u服务\u接收
debug3:发送数据包:类型50
debug3:接收数据包:类型51
debug1:可以继续的身份验证:公钥
debug3:重新开始,传递了不同的列表公钥
调试3:首选gssapi keyex、带麦克风的gssapi、公钥、键盘交互、密码
debug3:authmethod\u查找公钥
debug3:剩余首选项:键盘交互、密码
debug3:authmethod_是已启用的公钥
debug1:下一个身份验证方法:公钥
debug1:提供公钥:RSA SHA256:l2h6Lwchp4znO049FtrtUCQFboW2OGLT6vKj27jc9ss(标准输入法)
debug3:发送\u pubkey\u测试
debug3:发送数据包:类型50
debug2:我们发送了一个公钥包,等待回复
debug3:接收数据包:类型51
debug1:可以继续的身份验证:公钥
debug1:正在尝试私钥:/root/.ssh/id\u rsa
debug3:没有这样的标识:/root/.ssh/id\u rsa:没有这样的文件或目录
debug1:正在尝试私钥:/root/.ssh/id\u dsa
debug3:没有这样的标识:/root/.ssh/id\u dsa:没有这样的文件或目录
debug1:正在尝试私钥:/root/.ssh/id\u ecdsa
debug3:没有这样的标识:/root/.ssh/id\u ecdsa:没有这样的文件或目录
debug1:正在尝试私钥:/root/.ssh/id_ed25519
debug3:没有这样的标识:/root/.ssh/id_ed25519:没有这样的文件或目录
debug2:我们没有发送数据包,请禁用方法
debug1:不再尝试验证方法。
vagrant@192.168.213.160:权限被拒绝(公钥)。
错误:作业失败:退出代码1
有什么想法吗,伙计们?提前感谢我的错误是我在Gitlab管道中使用了本地服务器的私钥 相反,我在Gitlab管道中使用本地Gitlab Runner机器的私钥,在本地服务器的
~/.ssh/authorized_keys
中使用Runner的公钥
见我的素描:
有关更多详细信息,请参阅我的文章:我的错误是在Gitlab管道中使用了本地服务器的私钥 相反,我在Gitlab管道中使用本地Gitlab Runner机器的私钥,在本地服务器的
~/.ssh/authorized_keys
中使用Runner的公钥
见我的素描:
有关更多详细信息,请参阅我的文章: