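I am migrating from AWS, and I am using ansible to deploy to Google Cloud compute instances. I am trying to set up some users on the box with authorized keys. This used to work on AWS, but it seems user management is slightly different on Google Compute. Here is what I am doing.
Created an ssh key locally. Put this (public) key in an ansible file and copied it to /home/deploy/.ssh/authorized_keys
I still cannot log in with this key from my local box.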
$ ssh -i ~/.ssh/deploy_rsa deploy@<host>
Is there a list of users who are allowed to log in to the box? Can I configure users to log in to the box only from the cloud console?
Edit
$ ssh -i ~/.ssh/deploy_rsa deploy@<host>
... skipped some logs here ....
Here's SSH logs from client side:
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/ankit/.ssh/gcloud-rsa (0x7ff1d16105e0),
debug2: key: /Users/ankit/.ssh/deploy_rsa (0x0), explicit
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/ankit/.ssh/gcloud-rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/ankit/.ssh/deploy_rsa
debug3: sign_and_send_pubkey: RSA SHA256:h+yezPKOVjeA2ZKOAN/1r1GRe2s1nyGKwG6wobm+Vh0
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
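The other key the client picks up comes from ~/.ssh/config
Answer 0 (score: 1)
I don't know much about Ansible, but I hope the following documentation helps: Connecting to Instance, Adding and Removing SSH Keys, Creating User Accounts for Linux Instances
By the way, it could also be caused by the firewall settings. In a non-default network, tcp:22 is not allowed by default.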
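A check that fits the client log in the question, given as an added example that is not part of the original question or answer: compute the OpenSSH SHA256 fingerprint of every key in the server's authorized_keys and look for the fingerprint the client printed in its `sign_and_send_pubkey` line. The function names and the sample file contents are constructed for illustration; on a real host you would pass the text of /home/deploy/.ssh/authorized_keys.

```python
import base64
import hashlib
import struct

KEY_TYPES = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256"}

def fingerprint(blob):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_line(line):
    """Return (key_type, blob) for one authorized_keys line, else None."""
    tokens = line.split()
    if not tokens or tokens[0].startswith("#"):
        return None
    for i, tok in enumerate(tokens[:-1]):
        if tok not in KEY_TYPES:
            continue  # still inside the optional leading options field
        try:
            blob = base64.b64decode(tokens[i + 1], validate=True)
        except ValueError:
            continue
        # A real blob begins with a length-prefixed copy of the key type.
        if len(blob) >= 4:
            (n,) = struct.unpack(">I", blob[:4])
            if blob[4:4 + n] == tok.encode():
                return tok, blob
    return None

def find_key(authorized_keys, wanted_fp):
    """1-based line numbers whose key matches the wanted fingerprint."""
    return [no for no, line in enumerate(authorized_keys.splitlines(), 1)
            if (p := parse_line(line)) and fingerprint(p[1]) == wanted_fp]

def make_blob(key_type, material):
    """Build a constructed (not real) key blob for the sample below."""
    t = key_type.encode()
    return struct.pack(">I", len(t)) + t + struct.pack(">I", len(material)) + material

# Constructed sample authorized_keys content; none of these are real keys.
SAMPLE_KEY = base64.b64encode(make_blob("ssh-ed25519", bytes(range(32)))).decode()
OTHER_KEY = base64.b64encode(make_blob("ssh-ed25519", bytes(32))).decode()
SAMPLE_FILE = "\n".join([
    "# deploy user keys (constructed sample)",
    'command="echo hi there" ssh-ed25519 ' + SAMPLE_KEY + " deploy@laptop",
    "ssh-ed25519 " + OTHER_KEY + " other@host",
])
LOG_FP = "SHA256:h+yezPKOVjeA2ZKOAN/1r1GRe2s1nyGKwG6wobm+Vh0"  # from the client log
```

An empty result from `find_key(text, LOG_FP)` means the key the client signed with is not in the file the server reads for that user, which narrows the problem to how the key was deployed rather than to the client.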