Docker 加载键“/root/.ssh/id_rsa":格式无效 [英] Docker Load key "/root/.ssh/id_rsa": invalid format
问题描述
我正在尝试克隆其中包含子模块的存储库.主仓库可以很好地克隆,但是当我在 dockerfile 中执行 git submodule update --init --recursive
时,子模块会抛出错误.
I am trying to clone a repo that has submodules in it. The main repo is cloning fine but when I do git submodule update --init --recursive
in the dockerfile the submodules throws and error.
fatal: clone of 'git@github.com:jkeys089/lua-resty-hmac.git' into submodule path '/tmp/third-party/lua-resty-hmac' failed
Failed to clone 'third-party/lua-resty-hmac'. Retry scheduled
Cloning into '/tmp/third-party/lua-resty-jwt'...
load pubkey "/root/.ssh/id_rsa": invalid format
Warning: Permanently added the RSA host key for IP address '140.82.118.3' to the list of known hosts.
Load key "/root/.ssh/id_rsa": invalid format
git@github.com: Permission denied (publickey).
在图片中我有这个
# authorise ssh host
RUN mkdir /root/.ssh/
&& chmod 700 /root/.ssh
&& ssh-keyscan github.com > /root/.ssh/known_hosts
# add key and set permission
RUN echo "${SSH_PRIVATE_KEY}" >> /root/.ssh/id_rsa
&& echo "$ssh_pub_key" > /root/.ssh/id_rsa.pub
&& chmod 600 /root/.ssh/id_rsa.pub
&& chmod 600 /root/.ssh/id_rsa
我无法控制子模块.我不确定是否可以从 git@github.com
更改为 https 以获取子模块.
I have no control of the submodules. I am not sure if I can change from git@github.com
to https to get submodules.
我什至尝试过使用 GITHUB_TOKEN
路由
I even tried using the GITHUB_TOKEN
route
# start up git and clone
RUN git config --global url."https://${GITHUB_TOKEN}@github.com/".insteadOf "https://github.com/"
&& git clone https://github.com/GluuFederation/gluu-gateway.git /tmp
&& cd /tmp/
&& git submodule update --init --recursive
下面是构建命令的一部分.build --build-arg GITHUB_TOKEN=${GITHUB_TOKEN} --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)" --build-arg ssh_pub_key="$(cat ~/.ssh/id_rsa.pub)"
And below is the part of the build command.
build --build-arg GITHUB_TOKEN=${GITHUB_TOKEN} --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)" --build-arg ssh_pub_key="$(cat ~/.ssh/id_rsa.pub)"
请帮忙解决这个问题.这非常令人沮丧.:(
Please help out on this. It's very frustrating. :(
推荐答案
如果key是invalid format",尝试用旧 PEM 格式.
If the key is "invalid format", try and regenerate it with the old PEM format.
ssh-keygen -m PEM -t rsa -P ""
确保将公钥添加到您的 GitHub 帐户以进行正确的身份验证.
Make sure to add the public key to your GitHub account for proper authentication.
OP Shammir 增加了 在评论中:
我认为问题是在构建过程中没有任何内容从主机复制到 docker 映像.
I think the issue is that nothing is being copied from host machine to docker image during build.
在docker build --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)"
返回空",Shammir 使用 dockito/vault
管理私钥,但也将其配置为AddKeysToAgent":如果私钥不受密码保护(如我上面的命令),则不需要这样做
In "docker build --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)"
returning empty", Shammir uses dockito/vault
to manage the private key, but also configure it to "AddKeysToAgent": that is not needed if the private key is not passphrase protected (as in my command above)
这篇关于Docker 加载键“/root/.ssh/id_rsa":格式无效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!