Ansible Git 권한이 거부되었습니다(공개 키).

Ansible Git 권한이 거부되었습니다(공개 키).
{
  "changed": false,
  "cmd": "/bin/git clone --bare ssh:********@enterprise.acme.net:7999/acme/acme-whm.git /usr/local/acme/.git",
  "msg": "Warning: Permanently added [enterprise.acme.net]:7999,[10.0.37.37]:7999 (RSA) to the list of known hosts.\r\nPermission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.",                                               
  "rc": 128,
  "stderr": "Warning: Permanently added [enterprise.acme.net]:7999,[10.0.37.37]:7999 (RSA) to the list of known hosts.\r\nPermission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n",                                          
  "stderr_lines": [
    "Warning: Permanently added [enterprise.acme.net]:7999,[10.0.37.37]:7999 (RSA) to the list of known hosts.",                                                                                                            
    "Permission denied (publickey).",
    "fatal: Could not read from remote repository.",
    "",
    "Please make sure you have the correct access rights",
    "and the repository exists."
  ],
  "stdout": "Cloning into bare repository /usr/local/acme/.git...\n",
  "stdout_lines": [
    "Cloning into bare repository /usr/local/acme/.git..."
  ]
}

그렇다면 왜 이 문제가 발생하는 걸까요?

accept_hostkey: True

내 연극에서?

- name: Clone Git                                                                             
    environment:                                                                                
      TMPDIR: "{{ acme_root }}"                                                               
    git:                                                                                        
      bare: yes                                                                                 
      track_submodules: yes                                                                     
      accept_hostkey: yes                                                                       
      repo: "{{ acme_repo_upstream }}"                                                        
      dest: "{{ acme_root }}/.git"

답변1

Ansible에 연결할 수 있는지 여부와 Git에 대한 선택 사항에 관계없이 다음 메시지가 표시되면,

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:J6ErF8jeZVKGsg0db5u2hiNeQbH4pdGzPcbpGXZhOm8.
Please contact your system administrator.
Add correct host key in /home/ecarroll/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/ecarroll/.ssh/known_hosts:50
  remove with:
  ssh-keygen -f "/home/ecarroll/.ssh/known_hosts" -R "10.1.38.15"
ECDSA host key for 10.1.38.15 has changed and you have requested strict checking.
Host key verification failed.

그러면 프록시가 이를 전달하지 않습니다. 달려보면 ssh-add -l알겠지만,

Could not open a connection to your authentication agent.

그리고 달려야 해

 ssh-keygen -f "/home/ecarroll/.ssh/known_hosts" -R "10.1.38.15"

그런 다음 다시 연결하십시오.

관련 정보