2015-11-03 7 views
5

I am using Ansible for configuration management. I am cloning a private repository after copying the public and private key pair files to the remote server. Cloning works fine, but when I run bundle install I get a public key permission denied error. The private repository gets cloned via the Ansible playbook, but the private gem does not get installed.

Ansible playbook

---
- hosts: launched
  sudo: yes
  remote_user: ubuntu
  key_file: /home/ubuntu/.ssh/id_rsa
  tasks:
    - name: update apt
      apt: update_cache=yes

    # Copy the SSH key pair into the remote user's ~/.ssh
    - name: ensure public key and public one are present
      sudo: yes
      copy: src={{item}} dest=/home/ubuntu/.ssh/{{ item }} mode=0600
      with_items:
        - id_rsa.pub

    - name: ensure private key and public one are present
      sudo: yes
      copy: src={{item}} dest=/home/ubuntu/.ssh/{{ item }} mode=0600
      with_items:
        - id_rsa

    # Clone the private application repository over SSH
    - name: Deploy site files from Github repository
      # sudo: yes
      git: repo=git@github.com:xyz/abc.git dest=/home/{{deploy_user}}/{{app_name}} key_file=/home/ubuntu/.ssh/id_rsa accept_hostkey=yes force=yes version=release

    - name: config database.yml
      template: src=database.yml.j2 dest={{ deploy_directory}}/config/database.yml

    # Installs the gems from the Gemfile, including the private ones
    - name: bundle install
      command: bundle install chdir={{ deploy_directory }}

    - name: sidekiq initializer
      command: bundle exec sidekiq -C ./config/sidekiq.yml chdir={{deploy_directory}}

    - name: migrate create
      command: rake db:create RAILS_ENV="production" chdir={{ deploy_directory }}

    - name: migrate migrate
      command: rake db:migrate RAILS_ENV="production" chdir={{ deploy_directory }}

The Gemfile uses private gems via GitHub SSH URLs. So, while running bundle install through the playbook, I get the following error.

The key I added to the remote server also has access to the private gem, but somehow permission is being denied.

I personally tried cloning the repository over SSH on the remote server, but I could not access either repo (the main repo and the gem repository), even though the keys are copied into ~/.ssh/ on the remote server.

Output of ssh -vvv git@github.com

OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 
debug1: Reading configuration data /etc/ssh/ssh_config 
debug1: /etc/ssh/ssh_config line 19: Applying options for * 
debug2: ssh_connect: needpriv 0 
debug1: Connecting to github.com [192.30.252.130] port 22. 
debug1: Connection established. 
debug1: identity file /home/ubuntu/.ssh/id_rsa type -1 
debug1: identity file /home/ubuntu/.ssh/id_rsa-cert type -1 
debug1: identity file /home/ubuntu/.ssh/id_dsa type -1 
debug1: identity file /home/ubuntu/.ssh/id_dsa-cert type -1 
debug1: identity file /home/ubuntu/.ssh/id_ecdsa type -1 
debug1: identity file /home/ubuntu/.ssh/id_ecdsa-cert type -1 
debug1: identity file /home/ubuntu/.ssh/id_ed25519 type -1 
debug1: identity file /home/ubuntu/.ssh/id_ed25519-cert type -1 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 
debug1: Remote protocol version 2.0, remote software version libssh-0.7.0 
debug1: no match: libssh-0.7.0 
debug2: fd 3 setting O_NONBLOCK 
debug3: load_hostkeys: loading entries for host "github.com" from file "/home/ubuntu/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /home/ubuntu/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 
debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss 
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] 
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] 
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 
debug2: kex_parse_kexinit: none,[email protected],zlib 
debug2: kex_parse_kexinit: none,[email protected],zlib 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 
debug2: kex_parse_kexinit: ssh-dss,ssh-rsa 
debug2: kex_parse_kexinit: [email protected],aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc 
debug2: kex_parse_kexinit: [email protected],aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc 
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512 
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha2-256,hmac-sha2-512 
debug2: kex_parse_kexinit: none,zlib,[email protected] 
debug2: kex_parse_kexinit: none,zlib,[email protected] 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: setup hmac-sha1 
debug1: kex: server->client aes128-ctr hmac-sha1 none 
debug2: mac_setup: setup hmac-sha1 
debug1: kex: client->server aes128-ctr hmac-sha1 none 
debug1: sending SSH2_MSG_KEX_ECDH_INIT 
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY 
debug1: Server host key: RSA 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48 
debug3: load_hostkeys: loading entries for host "github.com" from file "/home/ubuntu/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /home/ubuntu/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug3: load_hostkeys: loading entries for host "192.30.252.130" from file "/home/ubuntu/.ssh/known_hosts" 
debug3: load_hostkeys: loaded 0 keys 
debug1: Host 'github.com' is known and matches the RSA host key. 
debug1: Found key in /home/ubuntu/.ssh/known_hosts:1 
Warning: Permanently added the RSA host key for IP address '192.30.252.130' to the list of known hosts. 
debug1: ssh_rsa_verify: signature correct 
debug2: kex_derive_keys 
debug2: set_newkeys: mode 1 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug2: set_newkeys: mode 0 
debug1: SSH2_MSG_NEWKEYS received 
debug1: Roaming not allowed by server 
debug1: SSH2_MSG_SERVICE_REQUEST sent 
debug2: service_accept: ssh-userauth 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug2: key: /home/ubuntu/.ssh/id_rsa ((nil)), 
debug2: key: /home/ubuntu/.ssh/id_dsa ((nil)), 
debug2: key: /home/ubuntu/.ssh/id_ecdsa ((nil)), 
debug2: key: /home/ubuntu/.ssh/id_ed25519 ((nil)), 
debug1: Authentications that can continue: publickey 
debug3: start over, passed a different list publickey 
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password 
debug3: authmethod_lookup publickey 
debug3: remaining preferred: keyboard-interactive,password 
debug3: authmethod_is_enabled publickey 
debug1: Next authentication method: publickey 
debug1: Trying private key: /home/ubuntu/.ssh/id_rsa 
debug1: could not open key file '/home/ubuntu/.ssh/id_rsa': Permission denied 
debug1: Trying private key: /home/ubuntu/.ssh/id_dsa 
debug3: no such identity: /home/ubuntu/.ssh/id_dsa: No such file or directory 
debug1: Trying private key: /home/ubuntu/.ssh/id_ecdsa 
debug3: no such identity: /home/ubuntu/.ssh/id_ecdsa: No such file or directory 
debug1: Trying private key: /home/ubuntu/.ssh/id_ed25519 
debug3: no such identity: /home/ubuntu/.ssh/id_ed25519: No such file or directory 
debug2: we did not send a packet, disable method 
debug1: No more authentication methods to try. 
Permission denied (publickey). 
+0

What error do you get from git when you try to clone locally? Try using something like GIT_TRACE=2 git , this is a problem accessing GitHub. Also try ssh git@github.com, which should return your username – Srgrn

+0

@Srgrn I got the same permission denied error when I tried to clone the main repository as well as the private gem explicitly on the remote server –

+0

Can you connect to the server, run ssh -vvv git@github.com, and add the output? – Srgrn

Answer

1

You'll notice that in the SSH output you have

Trying private key: /home/ubuntu/.ssh/id_rsa
debug1: could not open key file '/home/ubuntu/.ssh/id_rsa': Permission denied
debug1: Trying private key: /home/ubuntu/.ssh/id_dsa
debug3: no such identity: /home/ubuntu/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/ubuntu/.ssh/id_ecdsa
debug3: no such identity: /home/ubuntu/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/ubuntu/.ssh/id_ed25519
debug3: no such identity: /home/ubuntu/.ssh/id_ed25519: No such file or directory

The first line says that the current user does not have permissions for id_rsa.

It looks like you use sudo to copy the key, which might set the ownership of the file to root instead of ubuntu.

Change:

copy: src={{item}} dest=/home/ubuntu/.ssh/{{ item }} mode=0600

to:

copy: src={{item}} dest=/home/ubuntu/.ssh/{{ item }} mode=0600 owner=ubuntu

which, according to the Ansible docs, is the user that should own the file.

Also, you should put both files (id_rsa and id_rsa.pub) in the same with_items, so it will run them in a loop

like:

- name: ensure public key and public one are present
  sudo: yes
  copy: src={{item}} dest=/home/ubuntu/.ssh/{{ item }} mode=0600
  with_items:
    - id_rsa.pub
    - id_rsa
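
To confirm the diagnosis on the remote server before re-running the playbook, the following added example (not part of the original answer) checks who owns a key file and whether its mode is one OpenSSH will accept. The function name check_key_file is hypothetical, and the script assumes GNU stat, as found on Ubuntu.

```shell
#!/bin/sh
# Added example: report why a private key is unusable for a given login user.
# Usage: check_key_file /home/ubuntu/.ssh/id_rsa ubuntu
# Returns 0 if the key is usable, 1 on an owner/mode problem, 2 if missing.
check_key_file() {
    key=$1
    want_user=$2
    rc=0

    if [ ! -e "$key" ]; then
        echo "MISSING: $key does not exist"
        return 2
    fi

    # GNU stat: %U is the owner name, %a the octal permission bits.
    owner=$(stat -c '%U' "$key")
    mode=$(stat -c '%a' "$key")

    # The case on this page: a file copied with sudo ends up owned by root,
    # so mode 0600 locks out the login user and ssh cannot open the key.
    if [ "$owner" != "$want_user" ]; then
        echo "OWNER: $key is owned by $owner, expected $want_user"
        rc=1
    fi

    # OpenSSH also refuses a private key that group or others can access.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "MODE: $key has mode $mode, group/other bits must be clear"
        rc=1
    fi

    if [ "$rc" -eq 0 ]; then
        echo "OK: $key owner=$owner mode=$mode"
    fi
    return "$rc"
}
```

Run it as the deploy user, for example `check_key_file /home/ubuntu/.ssh/id_rsa ubuntu`; an OWNER line naming root matches the "could not open key file ... Permission denied" entry in the debug output above.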