Ansible bitbucket克隆设置ssh错误
总之,当使用Ansible设置我的Wagrant box时,我在尝试使用ssh克隆我的bitbucket私有repo时遇到了一个神秘的错误。 该错误表示“主机密钥验证失败” 但是,如果我不使用ssh,然后运行'gitclone'命令,私有repo就成功克隆了。这表明ssh转发代理确实在工作,并且vagrant box可以访问我与bitbucket repo关联的私钥 我已经在这个问题上挣扎了两天,现在我疯了! 求求你,有人帮帮我 流浪汉档案:Ansible bitbucket克隆设置ssh错误,ssh,vagrant,ansible,bitbucket,vagrant-provision,Ssh,Vagrant,Ansible,Bitbucket,Vagrant Provision,总之,当使用Ansible设置我的Wagrant box时,我在尝试使用ssh克隆我的bitbucket私有repo时遇到了一个神秘的错误。 该错误表示“主机密钥验证失败” 但是,如果我不使用ssh,然后运行'gitclone'命令,私有repo就成功克隆了。这表明ssh转发代理确实在工作,并且vagrant box可以访问我与bitbucket repo关联的私钥 我已经在这个问题上挣扎了两天,现在我疯了! 求求你,有人帮帮我 流浪汉档案: Vagrant.configure("2&
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/xenial64"
config.vm.network "private_network", ip: "192.168.33.10"
config.ssh.forward_agent = true
# Only contains ansible dependencies
config.vm.provision "shell",
inline: "sudo apt-get install python-minimal -y"
# Use ansible for all provisioning:
config.vm.provision "ansible" do |ansible|
ansible.playbook = "provisioning/playbook.yml"
end
end
我的剧本.yml如下:
---
- hosts: all
become: true
tasks:
- name: create /var/www/ directory
file: dest=/var/www/ state=directory owner=www-data group=www-data mode=0755
- name: Add the user 'ubuntu' to group 'www-data'
user:
name: ubuntu
shell: /bin/bash
groups: www-data
append: yes
- name: Clone bitbucket repo
git:
repo: git@bitbucket.org:gustavmahler/example.com.git
dest: /var/www/poo
version: master
accept_hostkey: yes
错误消息:
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/xenial64"
config.vm.network "private_network", ip: "192.168.33.10"
config.ssh.forward_agent = true
# Only contains ansible dependencies
config.vm.provision "shell",
inline: "sudo apt-get install python-minimal -y"
# Use ansible for all provisioning:
config.vm.provision "ansible" do |ansible|
ansible.playbook = "provisioning/playbook.yml"
end
end
流浪规定
任务[常见:克隆bitbucket repo]*******************************************
致命:[默认值]:失败!=>{“changed”:false,“cmd”:“/usr/bin/git clone--源代码“”/var/www/poo”,“failed”:true,“msg”:“克隆到“/var/www/poo”…\n警告:将IP地址“104.192.143.3”的RSA主机密钥永久添加到已知主机列表中。\r\n拒绝许可(公钥)\r\n致命:无法从远程存储库读取。\n\n请确保您具有正确的访问权限,\n并且存储库存在。“,“rc”:128,“stderr”:“克隆到“/var/www/poo”…\n警告:将IP地址“104.192.143.3”的RSA主机密钥永久添加到已知主机列表中。\r\n拒绝许可(公钥)\r\n致命:无法从远程存储库读取。\n\n请确保您具有正确的访问权限,\n并且存储库存在。\n,“标准行”:[“克隆到“/var/www/poo”…”,“警告:将IP地址“104.192.143.3”的RSA主机密钥永久添加到已知主机列表中。”,“权限被拒绝(公钥)。”,“致命:无法从远程存储库读取。”、“”、“请确保您具有正确的访问权限”,“并且存储库存在。”]、“标准输出”:“、“标准输出行”:[]}
其他信息:
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/xenial64"
config.vm.network "private_network", ip: "192.168.33.10"
config.ssh.forward_agent = true
# Only contains ansible dependencies
config.vm.provision "shell",
inline: "sudo apt-get install python-minimal -y"
# Use ansible for all provisioning:
config.vm.provision "ansible" do |ansible|
ansible.playbook = "provisioning/playbook.yml"
end
end
- 我机器上的ssh add-l确实包含关联的bitbucket repo密钥
- vagrant框中的ssh add-l也包含相关的bitbucket repo密钥(通过ssh转发)
vagrant ssh
git clone git@bitbucket.org:myusername/myprivaterepo.com.git
Then type "yes" to allow the RSA fingerprint to be added to ~/.ssh/known_hosts (as its first connection with bitbucket)
---
- hosts: all
become: true
tasks:
- name: create /var/www/ directory
file: dest=/var/www/ state=directory owner=ubuntu group=www-data mode=0755
- name: Add the user 'ubuntu' to group 'www-data'
user:
name: ubuntu
shell: /bin/bash
groups: www-data
append: yes
- name: Clone bitbucket repo
become: false
git:
repo: git@bitbucket.org:[username]/example.com.git
dest: /var/www/poo
version: master
accept_hostkey: yes
可能的解决方案?
我在Ansible文档中看到有一个:选项。我如何引用位于vagrant box外部并使用ssh转发传入的私钥
我的~/.ssh/中确实有多个针对不同实体的ssh密钥。也许Ansible provisioning运行的git clone命令没有选择正确的密钥
非常感谢您阅读我的噩梦。由于您使用
been:true
运行整个剧本,SSH密钥转发(以及故障排除)变得无关紧要,因为从您的剧本连接到BitBucket的用户是root
以ubuntu
用户身份运行连接到BitBucket的任务:
- 在
任务中指定Clone bitbucket repo
)been:false
- 或者从播放中删除
,并仅将其添加到需要提升权限的任务中been:true
- 我将/var/www目录的所有者从“www data”更改为 “ubuntu”(我用来通过ssh登录的用户名)
- 我还在git任务上方添加了“been:false”
vagrant ssh
git clone git@bitbucket.org:myusername/myprivaterepo.com.git
Then type "yes" to allow the RSA fingerprint to be added to ~/.ssh/known_hosts (as its first connection with bitbucket)
---
- hosts: all
become: true
tasks:
- name: create /var/www/ directory
file: dest=/var/www/ state=directory owner=ubuntu group=www-data mode=0755
- name: Add the user 'ubuntu' to group 'www-data'
user:
name: ubuntu
shell: /bin/bash
groups: www-data
append: yes
- name: Clone bitbucket repo
become: false
git:
repo: git@bitbucket.org:[username]/example.com.git
dest: /var/www/poo
version: master
accept_hostkey: yes
请看我的新问题