Tôi đang sử dụng ansible để quản lý cấu hình. Tôi nhân bản repo riêng sau khi sao chép tệp cặp khóa công khai và riêng tư vào máy chủ từ xa. Nhân bản đang hoạt động tốt nhưng khi tôi chạy bundle install
, nhận được lỗi của public key permission denied
.repo riêng đang được nhân bản thông qua playbook ansible nhưng gem riêng không được cài đặt
Ansible playbook
---
- hosts: launched
sudo: yes
remote_user: ubuntu
key_file: /home/ubuntu/.ssh/id_rsa
tasks:
- name: update apt
apt: update_cache=yes
- name: ensure public key and public one are present
sudo: yes
copy: src={{item}} dest=/home/ubuntu/.ssh/{{ item }} mode=0600
with_items:
- id_rsa.pub
- name: ensure private key and public one are present
sudo: yes
copy: src={{item}} dest=/home/ubuntu/.ssh/{{ item }} mode=0600
with_items:
- id_rsa
- name: Deploy site files from Github repository
# sudo: yes
git: [email protected]:xyz/abc.git dest=/home/{{deploy_user}}/{{app_name}} key_file=/home/ubuntu/.ssh/id_rsa accept_hostkey=yes force=yes version=release
- name: config database.yml
template: src=database.yml.j2 dest={{ deploy_directory}}/config/database.yml
- name: bundle install
command: bundle install chdir={{ deploy_directory }}
- name: sidekiq initializer
command: bundle exec sidekiq -C ./config/sidekiq.yml chdir={{deploy_directory}}
- name: migrate create
command: rake db:create RAILS_ENV="production" chdir={{ deploy_directory }}
- name: migrate migrate
command: rake db:migrate RAILS_ENV="production" chdir={{ deploy_directory }}
Các Gemfile sử dụng đá quý tư nhân thông qua url ssh của gitub. Vì vậy, trong khi chạy các gói cài đặt thông qua playbook, nhận được lỗi sau.
failed: [X.X.X.X] => {"changed": true, "cmd": ["bundle", "install"], "delta": "0:00:05.788387", "end": "2015-11-03 06:39:43.671879", "rc": 11, "start": "2015-11-03 06:39:37.883492", "warnings": []}
stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights.
Chìa khóa tôi thêm vào máy chủ từ xa cũng có quyền truy cập vào đá quý riêng tư nhưng bằng cách nào đó từ chối quyền.
Cá nhân tôi đã thử nhân bản repo bằng ssh vào máy chủ từ xa nhưng không thể truy cập hoặc repo (repo chính và kho lưu trữ đá quý), mặc dù các phím đang được sao chép sang ~/.ssh/
diretory của máy chủ từ xa.
sản lượng
ssh -vvv [email protected]
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to github.com [192.30.252.130] port 22.
debug1: Connection established.
debug1: identity file /home/ubuntu/.ssh/id_rsa type -1
debug1: identity file /home/ubuntu/.ssh/id_rsa-cert type -1
debug1: identity file /home/ubuntu/.ssh/id_dsa type -1
debug1: identity file /home/ubuntu/.ssh/id_dsa-cert type -1
debug1: identity file /home/ubuntu/.ssh/id_ecdsa type -1
debug1: identity file /home/ubuntu/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/ubuntu/.ssh/id_ed25519 type -1
debug1: identity file /home/ubuntu/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version libssh-0.7.0
debug1: no match: libssh-0.7.0
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "github.com" from file "/home/ubuntu/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /home/ubuntu/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss,ssh-rsa
debug2: kex_parse_kexinit: [email protected],aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: [email protected],aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512
debug2: kex_parse_kexinit: none,zlib,[email protected]
debug2: kex_parse_kexinit: none,zlib,[email protected]
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: setup hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: setup hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48
debug3: load_hostkeys: loading entries for host "github.com" from file "/home/ubuntu/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /home/ubuntu/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "192.30.252.130" from file "/home/ubuntu/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /home/ubuntu/.ssh/known_hosts:1
Warning: Permanently added the RSA host key for IP address '192.30.252.130' to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/ubuntu/.ssh/id_rsa ((nil)),
debug2: key: /home/ubuntu/.ssh/id_dsa ((nil)),
debug2: key: /home/ubuntu/.ssh/id_ecdsa ((nil)),
debug2: key: /home/ubuntu/.ssh/id_ed25519 ((nil)),
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/ubuntu/.ssh/id_rsa
debug1: could not open key file '/home/ubuntu/.ssh/id_rsa': Permission denied
debug1: Trying private key: /home/ubuntu/.ssh/id_dsa
debug3: no such identity: /home/ubuntu/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/ubuntu/.ssh/id_ecdsa
debug3: no such identity: /home/ubuntu/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/ubuntu/.ssh/id_ed25519
debug3: no such identity: /home/ubuntu/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
lỗi gì bạn nhận được từ git khi cố gắng sao chép tại địa phương? hãy thử sử dụng một cái gì đó như GIT_TRACE = 2 git, đây là một vấn đề trong việc truy cập github. cũng hãy thử ssh [email protected] mà sẽ cung cấp cho bạn trở lại tên người dùng của bạn –
Srgrn
@ Sigrn Tôi đã nhận lỗi tương tự của permissione bị từ chối khi tôi cố gắng để sao chép repo chính cũng như đá quý tư nhân rõ ràng trên máy chủ từ xa –
bạn có thể kết nối với máy chủ và chạy ssh -vvv [email protected] và thêm đầu ra? – Srgrn