多くの質問の中で、私の質問に答える質問が一つもないようです。
だから私はgitlabを使ってci / cdパイプラインを設定しようとしましたが、sshを使って展開するのをやめました。
そのため、SSHキーペア(rsa)を生成したビルドサーバーがあります。 gitlabのカスタム変数にプライベート値を追加します。しかし、そのようなデバイスやアドレスがない/dev/ttyに閉じ込められたようです。
/dev/ttyの権限を確認しましたが、よさそうです。私はgitlabと私のビルドサーバーの両方でubuntu20.4.4ltsと22.04.1 ltsを実行しています。
deploy:
stage: deploy
environment: production
image: alpine
tags:
- dev
before_script:
- apk add openssh-client
- apk add zip
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- mkdir ExampleProject
- cp -R Test /ExampleProject
- zip -r ExampleProject.zip ExampleProject
script:
- ssh -Tv -o StrictHostKeyChecking=no [email protected] "cd /home/builduser; unzip ExampleProject.zip"
私も私が感じる方法がこれに関連していることを理解しています。
編集する:
そのため、キーにはssh-keygen -t rsa -b 2048を使用しました。
gitlabソースによると: Gitlab SSH登録システム
プロジェクトに秘密鍵を変数として追加しました。鍵の場合は、パスワードを求める質問にダブルタップしました。
エラーは次のとおりです。
Executing "step_script" stage of the job script
00:06
Using docker image sha256:9c6f0724472873bb50a2ae67a9e7adcb57673a183cea8b06eb778dca859181b5 for alpine with digest alpine@sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad ...
$ apk add openssh-client
fetch https://dl-cdn.alpinelinux.org/alpine/v3.16/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz
(1/6) Installing openssh-keygen (9.0_p1-r2)
(2/6) Installing ncurses-terminfo-base (6.3_p20220521-r0)
(3/6) Installing ncurses-libs (6.3_p20220521-r0)
(4/6) Installing libedit (20210910.3.1-r0)
(5/6) Installing openssh-client-common (9.0_p1-r2)
(6/6) Installing openssh-client-default (9.0_p1-r2)
Executing busybox-1.35.0-r17.trigger
OK: 11 MiB in 20 packages
$ apk add zip
(1/2) Installing unzip (6.0-r9)
(2/2) Installing zip (3.0-r9)
Executing busybox-1.35.0-r17.trigger
OK: 11 MiB in 22 packages
$ eval $(ssh-agent -s)
Agent pid 16
$ echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
Identity added: (stdin) (builduser@build-server)
$ mkdir -p ~/.ssh
$ chmod 700 ~/.ssh
$ mkdir ExampleProject
$ cp -R Test /ExampleProject
$ zip -r ExampleProject.zip ExampleProject
adding: ExampleProject/ (stored 0%)
$ ssh -Tv -o StrictHostKeyChecking=no [email protected] "cd /home/builduser; unzip ExampleProject.zip"
OpenSSH_9.0p1, OpenSSL 1.1.1q 5 Jul 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 192.168.0.95 [192.168.0.95] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.0
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3
debug1: compat_banner: match: OpenSSH_8.9p1 Ubuntu-3 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.0.95:22 as 'builduser'
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:RuQORGBuQwSDQosn3QKNw0tIxSL398OOhPg80CF3VzA
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
Warning: Permanently added '192.168.0.95' (ED25519) to the list of known hosts.
debug1: check_host_key: hostkey not known or explicitly trusted: disabling UpdateHostkeys
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 1 keys
debug1: Will attempt key: builduser@build-server RSA SHA256:caxgh10CwPovoNFrlxrnxkU6GsvfeQND0bOjhft/us0 agent
debug1: Will attempt key: /root/.ssh/id_rsa
debug1: Will attempt key: /root/.ssh/id_ecdsa
debug1: Will attempt key: /root/.ssh/id_ecdsa_sk
debug1: Will attempt key: /root/.ssh/id_ed25519
debug1: Will attempt key: /root/.ssh/id_ed25519_sk
debug1: Will attempt key: /root/.ssh/id_xmss
debug1: Will attempt key: /root/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected]>
debug1: kex_input_ext_info: [email protected]=<0>
debug1: SSH2_MSG_SERVICE_ACCEPT received
This server is protected.
Ungranted access to this server is forbidden and illigal by law to do so.
Going further you agreed to know the issues and consequences that may cause of your actions punishable by law.
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: builduser@build-server RSA SHA256:caxgh10CwPovoNFrlxrnxkU6GsvfeQND0bOjhft/us0 agent
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ecdsa_sk
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Trying private key: /root/.ssh/id_ed25519_sk
debug1: Trying private key: /root/.ssh/id_xmss
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey,password).
ERROR: Job failed: exit code 255
ベストアンサー1
1つの可能性は、パスワードを含むキーを追加したことです。これはあなたのプライベート鍵は暗号化されており、ロックを解除するにはパスワードを入力する必要があります。ローカルシステムでは、コンピュータに「パスワードを覚えておく」、「キーチェーンに保存してください」、または同様のコマンドを発行できます。しかし、gitlabサーバーにはパスワードはありません。
gitlab CI / CDサーバーがキーを要求するときに適切なパスワードが必要で、端末を開こうとします。ただし、ローカル端末がないように設定されているため、エラーが発生します。
簡単な解決策は、別のSSHキーを生成しますが、パスワードは設定しないことです。
編集:コメントに基づいて更新されました
別の可能性もあります。秘密鍵をアップロードしていないため、サーバー/ću / cdはその鍵でログインできず、パスワードを求められます。