[英]Ansible git clone 'Permission Denied' but direct git clone working
I got a troubling issue with Ansible. 我对Ansible有一个令人不安的问题。 I setup a git cloning on my environment using ssh key of my current host:
我使用当前主机的ssh键在我的环境中设置了一个git克隆:
- name: Add user Public Key
copy:
src: "/Users/alexgrs/.ssh/id_rsa.pub"
dest: "/home/vagrant/.ssh/id_rsa.pub"
mode: 0644
- name: Add user Private Key
copy:
src: "/Users/alexgrs/.ssh/id_rsa"
dest: "/home/vagrant/.ssh/id_rsa"
mode: 0600
- name: Clone Repository
git:
repo: repo.git
dest: /home/vagrant/workspace/
update: true
accept_hostkey: true
key_file: "/home/vagrant/.ssh/id_rsa.pub"
If I vagrant ssh
on Vagrant and execute git pull repo
it works. 如果我在Vagrant上流浪
vagrant ssh
并执行git pull repo
就行了。 But when I do a vagrant provision
I got the following error message: 但是,当我做一个
vagrant provision
我收到以下错误消息:
stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
I'm pretty sure my publickey is not used by vangrant provision but I'm not able to detect why. 我很确定我的公钥不被vangrant规定使用,但我无法检测到原因。
Did you already see this kind of issue ? 你有没有看到这种问题?
Thank you. 谢谢。
EDIT: It seems that ansible is not doing a git clone but is trying the following command: 编辑:似乎ansible没有做一个git克隆,但正在尝试以下命令:
/usr/bin/git ls-remote ssh://repo.git -h refs/heads/HEAD
I tried it in my vagrant box and I have the same permission denied issue. 我在我的流浪盒中尝试过,我有同样的权限被拒绝的问题。
Copying private keys IMHO never is a good idea. 复制私钥恕我直言永远不是一个好主意。 A better option would be to enable ssh agent forwarding .
更好的选择是启用ssh代理转发 。
You can do this globally in your local .ssh/config
: 您可以在本地
.ssh/config
全局执行此操作:
ForwardAgent yes
Or in your ansible.cfg
: 或者在你的
ansible.cfg
:
[ssh_connection]
ssh_args= -A
In any case though you need to make sure the host/vm accepts agent forwarding. 在任何情况下,您都需要确保host / vm接受代理转发。 In the remote
/etc/ssh/sshd_config
this has to be defined: 在远程
/etc/ssh/sshd_config
中,必须定义:
AllowAgentForwarding yes
In the key_file option, you are using the public key when you should be using the private key 在key_file选项中,您应该在使用私钥时使用公钥
Source: http://docs.ansible.com/git_module.html 资料来源: http : //docs.ansible.com/git_module.html
CheckOut this GitHub issue . CheckOut 这个GitHub问题 。
It explains that repo.git
ssh clone url should either be (URL syntax): 它解释了
repo.git
ssh clone url应该是(URL语法):
ssh://git@bitbucket.org/my_user/my_repo.git
or (SCP syntax): 或(SCP语法):
git@bitbucket.org:my_user/my_repo.git
Check your key_file
too. 检查你的
key_file
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.