ssh-keyscan throws write: Operation times out

I have GitLab runner installed on Kubernetes. I am trying to build a Docker image from a Dockerfile which needs to clone private repositories over SSH. I have added ssh-keyscan to get the public key of the repo URL.
It throws the following error most of the time:

write (git..com): Operation timed out

I have tried increasing the timeout but the behaviour is still the same.

This is the command I am running from the Dockerfile:

RUN mkdir -p -m 0600 /root/.ssh && ssh-keyscan  -vvv -T 300 -p  <port> git.<kygitlab>.com >> /root/.ssh/known_hosts

The public key should be stored into the known_hosts file without any error. This works fine on my local system but throws an error when executed with GitLab CI on Kubernetes.

The problem is:

  • you don't need to update only the known_hosts,
  • you also need a private/public key pair (in the ~/.ssh Docker image folder), with the public key registered on the remote private repo hosting service side.

Only that would allow you to access and clone a private remote repo.

Short Explanation: Check if SSH traffic is enabled; if not, allow SSH traffic. You can run the following command to know if it is enabled. You can replace github.com with your git host instance.

ssh -T git@github.com

More Details: I faced a similar issue, but the platform I am working on is different. We are building a Docker image on the Docker executor in GitLab runner. So, here, the image is getting built inside another Docker container. The concept is called Docker-in-Docker, which is explained here.

After spending time, we got to know that SSH (port:22) traffic is blocked on the host machine, which cascades to all the guests (Docker containers) on it. Once we enabled the SSH traffic, it worked like a charm.
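
An added example, not part of the original question or answers: a Python probe that can be run from inside the CI job or build container to tell apart the failure modes discussed above (dropped traffic, rejected traffic, or something other than an SSH server answering on the port). The function name `probe_ssh` and its status labels are hypothetical, and a Python interpreter is assumed to be available where the job runs.

```python
import socket
import sys

def probe_ssh(host, port=22, timeout=5.0):
    """Report how far a connection to an SSH endpoint gets.

    Returns (status, detail); status is one of:
      ok         TCP connected and the peer sent an SSH identification string
      not_ssh    TCP connected, but the peer is not speaking SSH (proxy, portal)
      no_banner  TCP connected, but no data arrived before the timeout
      refused    connection actively rejected (closed port or rejecting firewall)
      timeout    TCP handshake unanswered: packets are probably dropped en route
      dns_error  the host name did not resolve inside this environment
      error      any other socket error
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.gaierror as exc:
        return "dns_error", str(exc)
    except socket.timeout:
        return "timeout", "no TCP handshake within %.1fs" % timeout
    except ConnectionRefusedError:
        return "refused", "connection refused"
    except OSError as exc:
        return "error", str(exc)
    with sock:
        try:
            data = sock.recv(256)  # inherits the connect timeout
        except socket.timeout:
            return "no_banner", "connected, but silent for %.1fs" % timeout
        except OSError as exc:
            return "error", str(exc)
    lines = [l.strip().decode("ascii", "replace") for l in data.splitlines()]
    # RFC 4253 lets a server send other lines before its "SSH-" version string.
    banner = next((l for l in lines if l.startswith("SSH-")), None)
    if banner:
        return "ok", banner
    return "not_ssh", lines[0] if lines else "connection closed without data"

if __name__ == "__main__":
    # Usage: python probe_ssh.py <host> [port]; non-zero exit fails the CI job.
    status, detail = probe_ssh(sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 22)
    print("%s: %s" % (status, detail))
    sys.exit(0 if status == "ok" else 1)
```

A `timeout` or `no_banner` result from inside the build container, alongside `ok` from a workstation, points at traffic filtering between the runner and the git host rather than at ssh-keyscan itself.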
