Hello Rickard,
i am also getting the below logs before host key verification failed:
digitalocean: debug2: resolving "ab.xyz.com" port 971
digitalocean: debug2: ssh_connect_direct: needpriv 0
digitalocean: debug1: Connecting to ab.xyz.com [1.2.3.4 port 971.
digitalocean: debug1: Connection established.
On Monday, January 7, 2019 at 1:21:41 PM UTC+5:30, Tekchand Dagar wrote:
>
> Hello Rickard,
>
> Thank you for your help and patience.
>
> Error:
>
> Host key verification failed
>
> I am very well aware about above error. Below is the my whole scenario and
> i am confused how i can pass my Public SSH key. Please have a look in my
> scenario steps and guide me:
>
> 1. We have a repository (project) on our gitlab server. My personal laptop
> SSH key is there and i can clone it over my personal laptop.
> 2. Over my laptop i have installed Virtualbox and Packer machine is run
> over it.
> 3. I have copied my laptop SSH private key on packer machine and run the
> below command:
> eval "$(ssh-agent)"
> ps aux | grep ssh
> ssh-add /path/of/file/which/contain/my/private/key
>
> Now as per my knowledge it will use my laptop public ssh key to
> authenticate when it will clone the git. But it fail to found my Public SSH
> key. Can you please help me how i can pass my Public SSH key for
> authentication so i can clone the git?
>
> Thanks.
>
>
> On Sunday, January 6, 2019 at 2:33:44 AM UTC+5:30, Rickard von Essen wrote:
>>
>> I already explained that you can't really do it this way. You get:
>>
>> digitalocean: Could not open a connection to your authentication agent.
>>
>> Since the deploy user is not allowed to connect to the ssh agent socket
>> owned by the root user. To quote my self:
>>
>> "when you switch to the deploy user (become_user: deploy) that user can't
>> access the Unix socket forwarding the ssh-agent, only root can do that
>> since root is the owner of it.
>>
>> There is no way around that that and my recommendation is that you
>> instead let root clone the repo and then move/chown it to deploy."
>>
>>
>> On Fri, Jan 4, 2019, 18:06 Vincent Rubiolo <[email protected]
>> wrote:
>>
>>> Hi Tekchand,
>>>
>>> Thank you for your response and suggestion.
>>>>
>>>
>>> You're welcome, but you did not try what I had suggested (putting 'pwd'
>>> in your git clone command and reporting the output). Can you do that?
>>>
>>>
>>>> Yes...after adding -p 987 in my SSH command getting connection time out
>>>> error. I need to fix it first and you are right in my build json file the
>>>> connection part is coming first and then clone part. So now its not
>>>> reaching on clone because it fail at SSH connection.
>>>
>>>
>>> I will let you check that with Rickard.
>>>
>>> Vincent
>>>
>>>
>>> On Wed, Jan 2, 2019 at 10:50 PM Tekchand Dagar <[email protected]>
>>> wrote:
>>>
>>>> Hello Vincent,
>>>>
>>>> Thank you for your response and suggestion.
>>>>
>>>> Yes...after adding -p 987 in my SSH command getting connection time out
>>>> error. I need to fix it first and you are right in my build json file the
>>>> connection part is coming first and then clone part. So now its not
>>>> reaching on clone because it fail at SSH connection.
>>>>
>>>> Thanks a lot for your time and support.
>>>>
>>>> On Thursday, January 3, 2019 at 11:36:48 AM UTC+5:30, Vincent Rubiolo
>>>> wrote:
>>>>>
>>>>> Hi again Tekchand,
>>>>>
>>>>> On Wed, Jan 2, 2019 at 9:52 PM Tekchand Dagar <[email protected]>
>>>>> wrote:
>>>>>
>>>>>> Hello Vincent,
>>>>>>
>>>>>> Thank you for your prompt response.
>>>>>>
>>>>>> Please refer the attach file of ansible-playbook which us used for
>>>>>> clone from git. I am switching the user from root to deploy so when it
>>>>>> switch the user deploy then it will go into deploy user home directory.
>>>>>>
>>>>>
>>>>> There is no guarantee about the directory switch being made when
>>>>> changing users, this will depend on the internal implementation of the
>>>>> 'become' command within Ansible. As you can see at
>>>>> https://docs.ansible.com/ansible/latest/user_guide/become.html?highlight=become,
>>>>>
>>>>> 'become' has 'become_method' which can provide different means to do so
>>>>> (su, sudo, etc).
>>>>>
>>>>> For instance, with the 'su' command, it will depend on whether this is
>>>>> a login shell ('su' does not switch directories, 'su -' or 'su -l' does
>>>>> switch directories).
>>>>>
>>>>>
>>>>>> And user deploy have full right to create a file in his/her home
>>>>>> directory. I am correct?
>>>>>>
>>>>>
>>>>> You are right _if_ the directory is the 'deploy' user home dir.
>>>>>
>>>>> I suggest adding a simple call to 'pwd' in your shell 'git clone'
>>>>> command to check you are where you expect to be (another way would be to
>>>>> do
>>>>> a 'touch test_file ./' before running the 'git clone' command). Then past
>>>>> the output here.
>>>>>
>>>>> Note that I do not doubt you also have a connection issue (cf your
>>>>> unability to connect via ssh), I just think there might be 2 issues, with
>>>>> the 'permission denied' one masking the other (you have seen that your
>>>>> SSH
>>>>> connection fails with a timeout for instance, not a permission problem).
>>>>>
>>>>> HTH,
>>>>>
>>>>> Vincent
>>>>>
>>>> --
>>>> This mailing list is governed under the HashiCorp Community Guidelines
>>>> - https://www.hashicorp.com/community-guidelines.html. Behavior in
>>>> violation of those guidelines may result in your removal from this mailing
>>>> list.
>>>>
>>>> GitHub Issues: https://github.com/mitchellh/packer/issues
>>>> IRC: #packer-tool on Freenode
>>>> ---
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Packer" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to [email protected].
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/packer-tool/1729b8d5-9da1-4050-900a-8f473899d734%40googlegroups.com
>>>>
>>>> <https://groups.google.com/d/msgid/packer-tool/1729b8d5-9da1-4050-900a-8f473899d734%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>> .
>>>> For more options, visit https://groups.google.com/d/optout.
>>>>
>>>
>>>
>>> --
>>>
>>> --------
>>> *Vincent Rubiolo*
>>> Senior Platform Engineer
>>> www.datameer.com
>>> Slack: Vincent
>>>
>>>
>>>
>>>
>>>
>>> Datameer, Inc.
>>> 577 2nd Street, Suite 200, San Francisco, CA 94107
>>>
>>> --
>>> This mailing list is governed under the HashiCorp Community Guidelines -
>>> https://www.hashicorp.com/community-guidelines.html. Behavior in
>>> violation of those guidelines may result in your removal from this mailing
>>> list.
>>>
>>> GitHub Issues: https://github.com/mitchellh/packer/issues
>>> IRC: #packer-tool on Freenode
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "Packer" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to [email protected].
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/packer-tool/CADZPgZdai1dxXkfNZXscmbrh69%2B2xBBBRD-qjFqZEQaK%2BtMh3g%40mail.gmail.com
>>>
>>> <https://groups.google.com/d/msgid/packer-tool/CADZPgZdai1dxXkfNZXscmbrh69%2B2xBBBRD-qjFqZEQaK%2BtMh3g%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups
"Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/packer-tool/77089bd6-9cb1-4635-8fbc-cd5d40924b56%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
