Unable to use Vagrant

Time: 2017-06-03 20:32:09

Tags: vagrant ssh-keys vagrantfile vagrant-windows vagrant-provision

I am trying to use my own pair of RSA SSH-2 keys with Vagrant 1.9.5 on VirtualBox 5.1.22, with a Windows 7 SP1 host and a CentOS 7.3 guest.

When I run vagrant up, I get:

Waiting for machine to boot. This may take a few minutes...
SSH address: 127.0.0.1:2222
SSH username: vagrant
SSH auth method: private key
Warning: Connection aborted. Retrying...
Warning: Connection reset. Retrying...
Warning: Connection aborted. Retrying...
Warning: Connection reset. Retrying...
Warning: Connection aborted. Retrying...
Warning: Connection reset. Retrying...
Warning: Connection aborted. Retrying...
...

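I found that the cause is that it cannot connect to the guest VM because the required key is not added to ~/.ssh/authorized_keys; instead, it contains Vagrant's default insecure_private_key.

Here is my Vagrantfile: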

# -*- mode: ruby -*-
# vi: set ft=ruby :

VAGRANTFILE_API_VERSION = "2"

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|

  config.vm.boot_timeout = 120
  config.ssh.insert_key = false
  config.ssh.private_key_path = ["vagrant-setup/keys/my_openssh.key"]
  # This is not copying authorized_keys to the guest
  config.vm.provision "file", source: "vagrant-setup/.ssh/authorized_keys", destination: "~/.ssh/autorized_keys"
  # Setting forward_agent to true and adding the key to Pageant doesn't make any difference
  config.ssh.forward_agent = false

  config.vm.define "MyMachineName" do |vs|

    vs.vm.box = "vagrant-centos-73-x86_64-puppet"
    vs.vm.box_url = "https://github.com/CommanderK5/packer-centos-template/releases/download/0.7.3/vagrant-centos-7.3.box"

    # The shell script that will execute once just after the VM is created
    vs.vm.provision "shell", path: "vagrant-setup/setup.sh"

    # Create a private network, which allows host-only access to the machine using a specific IP.
    config.vm.network "private_network", ip: "192.168.101.110"

    vs.vm.provider "virtualbox" do |vb|
      # Enable the GUI of VirtualBox and see whether the VM is waiting for input on startup
      vb.gui = false
    end
  end

end

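I tried copying autorized_keys using vm.provision "shell" with cp from within the guest. I tried changing the permissions of autorized_keys on the guest before copying, but nothing seems to work because it does not connect. I tried performing the copy inside MyMachineName, as in vs.vm.provision "file", ...

If I log in once with vagrant ssh using username + password and write authorized_keys manually, then afterwards I can log in with the SSH key without a password.

vagrant ssh-config reports: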

Host MyMachineName
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile C:/MyMachineName/vagrant-setup/keys/my_openssh.key
  IdentitiesOnly yes
  LogLevel FATAL

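Putting the private key in C:\Users\My User Name\.ssh\id_rsa seems to make a difference, as if Vagrant were still looking for something there even though I explicitly set my own private key, but I could not get it to work. It also seems to have a problem with C:\Users\My User Name\ containing spaces, but since it should not be using that path, this should not matter.

So the question is: how do I get Vagrant to work with my own SSH keys, without having to manually tweak the guest VM?

This other question has many replies, but most of them amount to putting the key into authorized_keys by hand, which is exactly what I want to avoid.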

1 answer:

Answer 0: (score: 0)

Based on Frédéric Henri's comment, this worked for me to log in using only my own key, not the insecure key and not user + password:

# -*- mode: ruby -*-
# vi: set ft=ruby :

VAGRANTFILE_API_VERSION = "2"

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.ssh.insert_key = false
  rsakey = File.read("vagrant-setup/keys/authorized_keys")
  config.vm.provision "shell", inline: <<-EOC
    echo '#{rsakey}' >> /home/vagrant/.ssh/authorized_keys
    sed --in-place=.bak -r 's/^#?(PermitRootLogin|PermitEmptyPasswords|PasswordAuthentication|X11Forwarding) yes/\1 no/' /etc/ssh/sshd_config
    sed --in-place=.bak '/== vagrant insecure public key$/d' /home/vagrant/.ssh/authorized_keys
  EOC

  config.vm.define "MyMachine" do |vs|
    vs.vm.box = "vagrant-centos-73-x86_64-puppet"
    vs.vm.box_url = "https://github.com/CommanderK5/packer-centos-template/releases/download/0.7.3/vagrant-centos-7.3.box"

    # SSH settings
    vs.ssh.private_key_path = ['~/.vagrant.d/insecure_private_key', "vagrant-setup/keys/my_openssh.key"]

    # The shell script that will execute once just after the VM is created
    vs.vm.provision "shell", path: "vagrant-setup/my_own_custom_setup_stuff.sh"

    # Create a private network, which allows host-only access to the machine using a specific IP.
    config.vm.network "private_network", ip: "192.168.101.110"
  end

end
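
The answer's inline script appends the key with echo on every provisioning run and deletes the insecure key with sed. As an added example (not code from the original post), the same two steps are written here as an idempotent shell function that also sets the permissions sshd requires. The function name install_own_key and the key strings shown are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: install one public key into authorized_keys and drop
# Vagrant's default insecure key, safely re-runnable on every provision.
# Usage: install_own_key 'ssh-rsa AAAA...constructed... me@host' /home/vagrant/.ssh/authorized_keys
install_own_key() {
    key_line=$1
    auth_file=$2
    ssh_dir=$(dirname "$auth_file")
    nl='
'
    # Reject multi-line input: an embedded newline would smuggle in extra entries.
    case $key_line in
        *"$nl"*) echo "key must be a single line" >&2; return 1 ;;
    esac
    # Accept only lines that start with a known public key type.
    case $key_line in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "unsupported key type" >&2; return 1 ;;
    esac

    # sshd (StrictModes) refuses authorized_keys with loose permissions.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    # Build the new file next to the old one and swap it in with mv,
    # so a failed run never leaves a half-written authorized_keys.
    tmp=$(mktemp "$ssh_dir/authorized_keys.XXXXXX") || return 1
    # Keep everything except the insecure key, matched by its trailing
    # comment as in the answer's sed; grep exits 1 if nothing remains.
    grep -v 'vagrant insecure public key$' "$auth_file" > "$tmp" || true
    # Append our key only when that exact line is not already present.
    grep -qxF -- "$key_line" "$tmp" || printf '%s\n' "$key_line" >> "$tmp"
    chmod 600 "$tmp" && mv "$tmp" "$auth_file"
}
```

Saved in a script run by the shell provisioner, the function can receive the key through the provisioner's args option rather than by interpolating it into a quoted echo. As a root provisioner it would also need to chown the file to the vagrant user.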