[英]Fabric, fabfile, fab: paramiko.ssh_exception.SSHException: No existing session
cf_key is my private ssh key. cf_key 是我的私钥 ssh。 Please take a look at my traceback and my code to see what I'm doing wrong.请查看我的回溯和代码,看看我做错了什么。 I have redacted the actual server name and replaced it with "".我已经编辑了实际的服务器名称并将其替换为“”。 Looks like "key cannot be used for signing."看起来像“密钥不能用于签名”。 what is wrong with my key?我的钥匙出了什么问题?
I executed the following command: fab doit 'cf_key' refresh 'dev'
and got this error:我执行了以下命令: fab doit 'cf_key' refresh 'dev'
并收到此错误:
maintenance on
Exception: key cannot be used for signing
Traceback (most recent call last):
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/paramiko/transport.py", line 2109, in run
handler(self.auth_handler, m)
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/paramiko/auth_handler.py", line 298, in _parse_service_accept
sig = self.private_key.sign_ssh_data(blob)
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/paramiko/agent.py", line 418, in sign_ssh_data
raise SSHException("key cannot be used for signing")
paramiko.ssh_exception.SSHException: key cannot be used for signing
Traceback (most recent call last):
File "/home/michael/projects/campaignfinances/venv/bin/fab", line 8, in <module>
sys.exit(program.run())
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/invoke/program.py", line 384, in run
self.execute()
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/invoke/program.py", line 566, in execute
executor.execute(*self.tasks)
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/invoke/executor.py", line 129, in execute
result = call.task(*args, **call.kwargs)
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/invoke/tasks.py", line 127, in __call__
result = self.body(*args, **kwargs)
File "/home/michael/projects/campaignfinances/fabfile.py", line 51, in refresh
conn.run('sudo ln -sf /home/django/sites/{0}.campaignfinances.org/src/project/templates/maintenance.html {0}-maintenance.html'.format(server))
File "<decorator-gen-3>", line 2, in run
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/fabric/connection.py", line 29, in opens
self.open()
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/fabric/connection.py", line 634, in open
self.client.connect(**kwargs)
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/paramiko/client.py", line 446, in connect
passphrase,
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/paramiko/client.py", line 764, in _auth
raise saved_exception
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/paramiko/client.py", line 740, in _auth
self._transport.auth_publickey(username, key)
File "/home/michael/projects/campaignfinances/venv/lib/python3.6/site-packages/paramiko/transport.py", line 1570, in auth_publickey
raise SSHException("No existing session")
paramiko.ssh_exception.SSHException: No existing session
fabfile.py fab文件.py
###################################################################
#
# Usage:
# fab doit(path_to_ssh_key) refresh('dev|staging')
# fab doit(path_to_ssh_key) maintenanceon('dev|staging')
# fab doit(path_to_ssh_key) maintenanceoff('dev|staging')
#
# fab doit(path_to_ssh_key) productionrefresh
#
# Example: fab doit('c:\users\tom\.ssh\id_rsa.pem') maintenanceon('dev')
#
# If you use a passphrase then add --prompt-for-passphrase
####################################################################
from fabric import task, Connection
@task
def doit(ctx, keypath):
ctx.user = 'django'
ctx.host = '<servername>'
ctx.connect_kwargs.key_filename = ''.format(keypath)
@task
def maintenanceon(ctx, server):
conn = Connection(ctx.host, ctx.user, connect_kwargs=ctx.connect_kwargs)
# create ln to maintenance file
print('maintenance on')
with conn.cd('/usr/share/nginx/html/'):
conn.run('sudo ln -sf /home/django/sites/{0}.<servername>/src/project/templates/maintenance.html {0}-maintenance.html'.format(server))
@task
def maintenanceoff(ctx, server):
conn = Connection(ctx.host, ctx.user, connect_kwargs=ctx.connect_kwargs)
# create ln to maintenance file
print('maintenance off')
with conn.cd('/usr/share/nginx/html/'):
conn.run('sudo unlink {}-maintenance.html'.format(server))
@task
def refresh(ctx, server):
env_command = '. /home/django/sites/{0}.<servername>.com/{0}/bin/activate'.format(server)
conn = Connection(ctx.host, ctx.user, connect_kwargs=ctx.connect_kwargs)
# set to maintenance mode
with conn.cd('/usr/share/nginx/html/'):
print('maintenance on')
conn.run('sudo ln -sf /home/django/sites/{0}.<servername>.com/src/project/templates/maintenance.html {0}-maintenance.html'.format(server))
# refresh install
with conn.cd('/home/django/sites/{}.<servername>.com/src/'.format(server)):
print('git pull')
conn.run('git pull')
# check requirements
with conn.cd('/home/django/sites/{}.<servername>.com/src/requirements/'.format(server)):
print('pip-sync')
conn.run(env_command + '&&' + 'pip-sync {}.txt'.format(server))
# run migrations and collectstatic
with conn.cd('/home/django/sites/{}.<servername>.com/src/project/'.format(server)):
print('migrate')
conn.run(env_command + '&&' + 'python manage.py migrate')
print('collecstatic')
conn.run(env_command + '&&' + 'python manage.py collectstatic --no-input')
# restart server
print('restart server')
conn.sudo('systemctl restart {}.service'.format(server), pty=True)
# maintenance mode off
with conn.cd('/usr/share/nginx/html/'):
print('maintenance off)')
conn.run('sudo unlink {}-maintenance.html'.format(server))
@task
def productionrefresh(ctx):
env_command = '. /home/django/sites/www.<servername>.com/www/bin/activate'
conn = Connection(ctx.host, ctx.user, connect_kwargs=ctx.connect_kwargs)
# set to maintenance mode
with conn.cd('/usr/share/nginx/html/'):
print('Set to maintenance mode')
conn.run('sudo ln -sf /home/django/sites/www.<servername>.com/src/project/templates/maintenance.html prod-maintenance.html')
# refresh install
with conn.cd('/home/django/sites/www.<servername>.com/src/'):
print('Git pull')
conn.run('git pull')
# check requirements
with conn.cd('/home/django/sites/www.<servername>.com/src/requirements/'):
print('pip-sync production.txt')
conn.run(env_command + '&&' + 'pip-sync production.txt')
# run migrations and collectstatic
with conn.cd('/home/django/sites/www.<servername>.com/src/project/'):
print('python manage.py migrate')
conn.run(env_command + '&&' + 'python manage.py migrate')
print('python manage.py collectstatic')
conn.run(env_command + '&&' + 'python manage.py collectstatic --no-input')
# restart server
print('restart production service')
conn.sudo('systemctl restart production.service', pty=True)
# maintenance mode off
with conn.cd('/usr/share/nginx/html/'):
print('maintenance off')
conn.run('sudo unlink prod-maintenance.html')
@task
def productioncollect(ctx):
env_command = '. /home/django/sites/www.<servername>.com/www/bin/activate'
conn = Connection(ctx.host, ctx.user, connect_kwargs=ctx.connect_kwargs)
with conn.cd('/home/django/sites/www.<servername>.com/src/project/'):
conn.run(env_command + '&&' + 'python manage.py collectstatic --no-input')
Are you able to ssh to the server using the openssh client with that key?您是否能够使用带有该密钥的 openssh 客户端将 ssh 发送到服务器? The output indicates that your key can't be used for signing, which I've never seen before. output 表明你的密钥不能用于签名,这是我以前从未见过的。
Also, test that the key is valid for signing like this:此外,测试密钥是否对签名有效,如下所示:
redkrieg@cortex-0:~$ echo "signme" > testfile
redkrieg@cortex-0:~$ ssh-keygen -Y sign -f cf_key -n testsigning testfile
Signing file testfile
Write signature to testfile.sig
Make sure testfile.sig has an SSH SIGNATURE block in it after this.确保 testfile.sig 中有一个 SSH SIGNATURE 块。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.