Docker加载密钥“ /root/.ssh/id_rsa”:无效格式 [英] Docker Load key "/root/.ssh/id_rsa": invalid format
问题描述
我正在尝试克隆一个包含子模块的仓库。主要仓库很好,但是我在dockerfile中执行 git子模块更新--init --recursive
时,子模块会抛出错误。
I am trying to clone a repo that has submodules in it. The main repo is cloning fine but when I do git submodule update --init --recursive
in the dockerfile the submodules throws and error.
fatal: clone of 'git@github.com:jkeys089/lua-resty-hmac.git' into submodule path '/tmp/third-party/lua-resty-hmac' failed
Failed to clone 'third-party/lua-resty-hmac'. Retry scheduled
Cloning into '/tmp/third-party/lua-resty-jwt'...
load pubkey "/root/.ssh/id_rsa": invalid format
Warning: Permanently added the RSA host key for IP address '140.82.118.3' to the list of known hosts.
Load key "/root/.ssh/id_rsa": invalid format
git@github.com: Permission denied (publickey).
在图像中我有这个
# authorise ssh host
RUN mkdir /root/.ssh/ \
&& chmod 700 /root/.ssh \
&& ssh-keyscan github.com > /root/.ssh/known_hosts
# add key and set permission
RUN echo "${SSH_PRIVATE_KEY}" >> /root/.ssh/id_rsa \
&& echo "$ssh_pub_key" > /root/.ssh/id_rsa.pub \
&& chmod 600 /root/.ssh/id_rsa.pub \
&& chmod 600 /root/.ssh/id_rsa
我无法控制子模块。我不确定是否可以从 git@github.com
更改为https以获得子模块。
I have no control of the submodules. I am not sure if I can change from git@github.com
to https to get submodules.
我什至尝试使用 GITHUB_TOKEN
路线
# start up git and clone
RUN git config --global url."https://${GITHUB_TOKEN}@github.com/".insteadOf "https://github.com/" \
&& git clone https://github.com/GluuFederation/gluu-gateway.git /tmp \
&& cd /tmp/ \
&& git submodule update --init --recursive
以下是构建命令的一部分。
build --build-arg GITHUB_TOKEN = $ {GITHUB_TOKEN} --build-arg SSH_PRIVATE_KEY = $(cat〜/ .ssh / id_rsa) --build-arg ssh_pub_key = $ (cat〜/ .ssh / id_rsa.pub) c
And below is the part of the build command.
build --build-arg GITHUB_TOKEN=${GITHUB_TOKEN} --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)" --build-arg ssh_pub_key="$(cat ~/.ssh/id_rsa.pub)"
请帮忙。非常令人沮丧:(
Please help out on this. It's very frustrating. :(
推荐答案
如果密钥为无效格式,请尝试使用旧的PEM格式。
If the key is "invalid format", try and regenerate it with the old PEM format.
ssh-keygen -m PEM -t rsa -P ""
请确保将公钥添加到GitHub帐户以进行正确的身份验证。
Make sure to add the public key to your GitHub account for proper authentication.
OP Shammir 添加了:
The OP Shammir adds in the comments:
我认为问题是在构建期间没有任何内容从主机复制到docker映像。
I think the issue is that nothing is being copied from host machine to docker image during build.
在 docker build --build-arg SSH_PRIVATE_KEY = $(cat〜/。 ssh / id_rsa)
返回空,Shammir使用 dockito / vault
来管理私钥,但也可以将其配置为 AddKeysToAgent:如果私钥不需要没有密码保护(如上面的命令所示)
In "docker build --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)"
returning empty", Shammir uses dockito/vault
to manage the private key, but also configure it to "AddKeysToAgent": that is not needed if the private key is not passphrase protected (as in my command above)
这篇关于Docker加载密钥“ /root/.ssh/id_rsa”:无效格式的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!