我正在尝试使用Fabric在两个单独的Gerrit服务器上运行ssh命令。我通过先打印version命令的输出来测试它。
这适用于一台服务器:
result = fabric.Connection('gerritcodereview2',user='myusername',port=29418).run('gerrit version')
gerrit version 2.15.3
另一个给出以下错误:
result = fabric.Connection('gerritcodereview',user='myusername',port=29418).run('gerrit version', echo=True,
...: replace_env=True)
Exception: Signature verification (ssh-ed25519) failed.
Traceback (most recent call last):
File "/usr/local/lib/python3.5/dist-packages/paramiko/transport.py", line 2002, in run
self.kex_engine.parse_next(ptype, m)
File "/usr/local/lib/python3.5/dist-packages/paramiko/kex_ecdh_nist.py", line 47, in parse_next
return self._parse_kexecdh_reply(m)
File "/usr/local/lib/python3.5/dist-packages/paramiko/kex_ecdh_nist.py", line 115, in _parse_kexecdh_reply
self.transport._verify_key(K_S, sig)
File "/usr/local/lib/python3.5/dist-packages/paramiko/transport.py", line 1816, in _verify_key
self.host_key_type
paramiko.ssh_exception.SSHException: Signature verification (ssh-ed25519) failed.
---------------------------------------------------------------------------
SSHException Traceback (most recent call last)
<ipython-input-10-824d820915ee> in <module>()
----> 1 result = fabric.Connection('gerritcodereview',user='myusername',port=29418).run('gerrit version', echo=True, replace_env=True)
<decorator-gen-3> in run(self, command, **kwargs)
/usr/local/lib/python3.5/dist-packages/fabric/connection.py in opens(method, self, *args, **kwargs)
27 @decorator
28 def opens(method, self, *args, **kwargs):
---> 29 self.open()
30 return method(self, *args, **kwargs)
31
/usr/local/lib/python3.5/dist-packages/fabric/connection.py in open(self)
613 del kwargs["key_filename"]
614 # Actually connect!
--> 615 self.client.connect(**kwargs)
616 self.transport = self.client.get_transport()
617
/usr/local/lib/python3.5/dist-packages/paramiko/client.py in connect(self, hostname, port, username, password, pkey, key_filename, timeout, allow_agent, look_for_keys, compress, sock, gss_auth, gss_kex, gss_deleg_creds, gss_host, banner_timeout, auth_timeout, gss_trust_dns, passphrase)
395 sec_opts.key_types = [keytype] + other_types
396
--> 397 t.start_client(timeout=timeout)
398
399 # If GSS-API Key Exchange is performed we are not required to check the
/usr/local/lib/python3.5/dist-packages/paramiko/transport.py in start_client(self, event, timeout)
585 e = self.get_exception()
586 if e is not None:
--> 587 raise e
588 raise SSHException("Negotiation failed.")
589 if event.is_set() or (
/usr/local/lib/python3.5/dist-packages/paramiko/transport.py in run(self)
2000 self._expected_packet = tuple()
2001 if (ptype >= 30) and (ptype <= 41):
-> 2002 self.kex_engine.parse_next(ptype, m)
2003 continue
2004
/usr/local/lib/python3.5/dist-packages/paramiko/kex_ecdh_nist.py in parse_next(self, ptype, m)
45 return self._parse_kexecdh_init(m)
46 elif not self.transport.server_mode and (ptype == _MSG_KEXECDH_REPLY):
---> 47 return self._parse_kexecdh_reply(m)
48 raise SSHException(
49 "KexECDH asked to handle packet type {:d}".format(ptype)
/usr/local/lib/python3.5/dist-packages/paramiko/kex_ecdh_nist.py in _parse_kexecdh_reply(self, m)
113 hm.add_mpint(K)
114 self.transport._set_K_H(K, self.hash_algo(hm.asbytes()).digest())
--> 115 self.transport._verify_key(K_S, sig)
116 self.transport._activate_outbound()
117
/usr/local/lib/python3.5/dist-packages/paramiko/transport.py in _verify_key(self, host_key, sig)
1814 raise SSHException(
1815 "Signature verification ({}) failed.".format(
-> 1816 self.host_key_type
1817 )
1818 ) # noqa
SSHException: Signature verification (ssh-ed25519) failed.
当我仅从命令行使用ssh时,两者都可以正常工作:
ssh -p 29418 myusername@gerritcodereview2 gerrit version
gerrit version 2.15.3
ssh -p 29418 myusername@gerritcodereview gerrit version
gerrit version 2.14.1
尽管它们运行的是Gerrit的不同版本,但这似乎是一个ssh问题。两台计算机上的用户名相同。我已经验证了两个服务器共享的公用密钥。我在这里缺少基本的东西吗?我对ssh密钥的使用非常基础,我为一组遥控器(工作/家庭)生成了密钥,仅此而已。我只是感到困惑,因为ssh命令行界面似乎工作正常。
我正在Ubuntu 16.04机器上使用python3.5.2和fabric 2.4.0。
任何指针都值得赞赏。