在Dockerfile上使用SSH密钥进行Gitlab - 权限被拒绝

时间:2018-06-17 10:26:10

标签: git docker

嗨!

我目前正在尝试构建一个docker镜像,我需要从远程 GitLab服务器中拉出一个git项目。问题是publickey method根本不起作用。

错误:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password)
fatal: Could not read from remote repository.

我启动了命令:

docker build . --build-arg priv_key="$(cat ~/.ssh/id_rsa)" --build-arg pub_key="$(cat ~/.ssh/id_rsa.pub)"

有我的Dockerfile:

FROM centos/python-35-centos7:latest
USER root
ARG pub_key
ARG priv_key
RUN mkdir -p /root/.ssh/
RUN chmod 0700 /root/.ssh/
RUN echo ${pub_key} >> /root/.ssh/id_rsa.pub
RUN chmod 600 /root/.ssh/id_rsa.pub
RUN echo ${priv_key} >> /root/.ssh/id_rsa
RUN chmod 600 /root/.ssh/id_rsa
RUN git config --global user.name "A name"
RUN git config --global user.email "email@address.com"
RUN echo "Host 192.168.1.28\n\tPasswordAuthentication no\n" >> /root/.ssh/config
RUN chmod 600 /root/.ssh/config
RUN ssh-keyscan -t rsa 192.168.1.28 >> /root/.ssh/known_hosts
RUN ssh -Tv git@192.168.1.28

问题是,当我检查ssh -Tv的输出时,它会尝试read_passphrase而不是authenticate:

debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519

看起来它想要一个密码(/ dev / tty:没有这样的设备或地址),但在主机上,同样的命令完全有效:

debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.1.28 ([192.168.1.28]:22).

知道发生了什么事吗?

编辑

使用下面提供的website @emory,我已经尝试了代码(并添加了chmod命令以避免Docker错误),使用我拥有的GitLab IP地址设置它...它有效!

我改变了以下几行:

FROM ubuntu as intermediate > FROM centos:7
apt-get update > yum update
apt-get install -y git > yum install -y git

它也有效。我也尝试了原来的centos/python-35-centos7:latest,它起作用了。对于那些需要它的人,有功能代码:

FROM centos/python-35-centos7:latest
#FROM centos:7
USER root
RUN yum update -y
RUN yum install -y git
ARG SSH_PRIVATE_KEY
RUN mkdir /root/.ssh/
RUN echo "${SSH_PRIVATE_KEY}" > /root/.ssh/id_rsa
RUN chmod 600 /root/.ssh/id_rsa
RUN touch /root/.ssh/known_hosts
RUN ssh-keyscan 192.168.1.28 >> /root/.ssh/known_hosts
RUN ssh -Tv git@192.168.1.28

1 个答案:

答案 0 :(得分:1)

显然答案是使用不同的基本图像。据报道G有效。 https://vsupalov.com/build-docker-image-clone-private-repo-ssh-key/是一个很好的指导。

相关问题
最新问题