[英]Open SSH from Heroku
I've deployed on Heroku a worker who periodically uploads a file to a ssh server. 我在Heroku上部署了一个工人,该工人定期将文件上传到ssh服务器。 It's wrote on Node.js and it does:
它写在Node.js上,它可以:
require('child_process').exec('scp -i id_rsa myfile.txt myuser@myserver.com:updated.txt', function() { ... });
In order to connect to the server the repository has a *id_rsa* file with a private key than is authorized by myserver.com . 为了连接到服务器,存储库有一个* id_rsa *文件,该文件带有一个私钥,该私钥比myserver.com所授权。 I've tested it on two computers (than has no key exchange with myserver.com ) and it works, but when I upload it to Heroku it scp outputs:
我已经在两台计算机上对其进行了测试(而不是与myserver.com进行了密钥交换),并且它可以工作,但是当我将其上传到Heroku时,它会输出scp:
Host key verification failed.
Why? 为什么?
I've also tried instead of execute scp : 我也试过而不是执行scp :
cat file.txt | ssh [myuser]@[myserver] "cat > updated.txt"
The same problem. 同样的问题。
Executing ssh -v ... it outputs: 执行ssh -v ...它输出:
[...]
debug1: read_passphrase: can't open /dev/tty: No such device or address
Host key verification failed.
[...]
I can't access tty on Heroku? 我在Heroku上无法访问tty?
This are all the files on the repo: 这是仓库中的所有文件:
require('child_process').exec('scp -i id_rsa file.txt [myuser]@[myserver]:updated.txt', function(error, stdout, stderr) {
if (error)
console.error('FAILED', stderr.toString());
console.log('OUTPUT', stdout.toString());
});
-----BEGIN RSA PRIVATE KEY-----
[censored]
-----END RSA PRIVATE KEY-----
{
"name": "exta",
"version": "0.0.1",
"engines": { "node": "0.6.x" }
}
worker: node main
Testing
Found the problem, it was not on the RSA key but on the server key. 找到了问题,它不是在RSA密钥上,而是在服务器密钥上。
The first time a SSH connection is established between two computers SSH ask you yo add the server's key to ~/.ssh/known_hosts in order to do this it tries to prompt it into the tty. 第一次在两台计算机之间建立SSH连接时,SSH要求您将服务器的密钥添加到〜/ .ssh / known_hosts中,以便尝试将其提示输入tty。 As I've already accepted my server's key on my computers it didn't happen when I tested it locally.
因为我已经在计算机上接受了服务器的密钥,所以在本地测试时并没有发生。
As I'm not sure how to order my program to add the key to ~/.shh/known_hosts I've tricked SSH to add the key without asking: 因为我不确定如何命令程序将密钥添加到〜/ .shh / known_hosts中,所以我欺骗了SSH来添加密钥而不询问:
ssh -i id_rsa -o -o StrictHostKeyChecking=no [myuser]@[myserver]
As I don't want to touch Heroku's environment I've also asked ssh to store the keys on /dev/null so nothing is modified: 由于我不想接触Heroku的环境,因此我还要求ssh将密钥存储在/ dev / null上,因此没有任何修改:
ssh -i id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no [myuser]@[myserver]
And... IT WORKS! 而且...它有效! :D
:d
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.