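I have been trying to run an SSH command from Drone, which runs in an image named bb. Following some suggestions in other threads, I added
RUN echo " IdentityFile /root/.ssh/id_rsa" >> /etc/ssh/ssh_config
to my Dockerfile.
I used docker run -it bb /bin/bash to check that the SSH key exists, and I can successfully SSH to the remote host from that interactive terminal.
However, when I try to run the same command from a .drone.yml build script like this: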
image: bb
script:
- whoami
- ssh -vvv -t -t 192.0.2.1 "whoami"
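...I get a "Permission denied" error after it gets to password-based authentication. (whoami runs inside the container, outputs root, and the build goes on to execute the ssh command.)
I have boiled the verbose output down to this relevant part: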
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp f2:...
debug3: sign_and_send_pubkey: RSA f2:...
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
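...which clearly says "we did not send a packet, disable method". I checked the key's fingerprint with ssh-keygen -lf /root/.ssh/id_rsa and it matches the fingerprint in the output.
I then looked at the authentication log on the remote host (/var/log/auth.log).
Successful (interactive container) login: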
Accepted publickey for root from 192.0.2.1 port 59472 ssh2: RSA f2:...
pam_unix(sshd:session): session opened for user root by (uid=0)
Received disconnect from 192.0.2.1: 11: disconnected by user
pam_unix(sshd:session): session closed for user root
Failed (Drone container) login:
error: RSA_public_decrypt failed: error:04067084:lib(4):func(103):reason(132)
Failed password for root from 192.0.2.1 port 54172 ssh2
Failed password for root from 192.0.2.1 port 54172 ssh2
Connection closed by 192.0.2.1 [preauth]
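So it looks like my key is not being sent by the Drone container. I have run whoami in the build script, and it reports that it is running as root, which is what I expect.
How can I get this to work?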
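
In the client log above the private key is read only after the server has accepted the offered public key, and the server then logs a failed signature check, so one check to run inside the build step is whether the private key file really produces the public key stored beside it. The script below is an added example, not part of the original post; the function names and the /root/.ssh/id_rsa.pub location are assumptions, and it assumes a key without a passphrase.

```shell
#!/bin/sh
# Added diagnostic (not from the original post): verify that a private key
# and the .pub file next to it belong to the same key pair.

# Print "type base64-blob" from a public-key line, dropping the comment field.
key_blob() {
    awk 'NF >= 2 { print $1, $2; exit }'
}

# check_keypair PRIVATE_KEY
# Returns 0 if PRIVATE_KEY matches PRIVATE_KEY.pub, 1 on mismatch,
# 2 if the comparison cannot be made.
check_keypair() {
    priv=$1
    pub="$priv.pub"   # assumed location of the public half
    [ -r "$priv" ] || { echo "cannot read $priv" >&2; return 2; }
    [ -r "$pub" ]  || { echo "no $pub to compare against" >&2; return 2; }

    # -y derives the public key from the private key itself;
    # -P '' supplies an empty passphrase so nothing prompts in CI.
    derived=$(ssh-keygen -y -P '' -f "$priv" 2>/dev/null | key_blob)
    stored=$(key_blob < "$pub")
    [ -n "$derived" ] || { echo "could not load private key $priv" >&2; return 2; }

    if [ "$derived" = "$stored" ]; then
        echo "OK: $priv matches $pub"
        return 0
    fi
    echo "MISMATCH: $priv does not produce the key in $pub" >&2
    return 1
}

# Build-step usage: check_keypair /root/.ssh/id_rsa
```

Comparing the result from the interactive docker run session with the result from the Drone build shows whether the two environments see the same key files.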