primavera connessione cloud config ssh non aver

Question

Utilizzando Primavera di avvio, Java 1.8, cloud-config-server di

Sto cercando di accedere a un repo git utilizzando questo frammento application.yml. Ma non riesce a trovare la chiave di accesso.

spring: 
cloud: 
    config: 
     allowOverride: true 
     failFast: true 
     overrideNone: true 
     overrideSystemProperties: false 
     server: 
     git: 
      uri: ssh://git@10.4.31.179:7999/project/name.git 

E l'indirizzo è nel mio file knowHosts:

10.4.31.179:7999,10.4.31.179 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1UF27s4svxRyc3eQVq67hOhl9szwXy15oaUmo5Ndtk9DP5QEvstSA1MR0JotcKrhEHb4FA8a06oRvkyj55zfvr9t96O/sva+66TegPGjiWZNU75LSEKhA8EZ+/VEKVA2Pk1iUEYbtFZZ+SuTKtikXQt0EjghHpx66mWEJU11911+quCfjOIL74tz96IoXBfTZJmhiUQN+SC4UG3bCnha3mMlCnb1/0BkX+YuAy3GN+UTSxCqeEHuwhN8+DsPhVgTKx/YVbhZUPlGlYEUZjjXk6RnyhQr32Jwzv4WpeVu943e2UzlUFMMorl+usur7bSAZWsQWyz6MfjYUyKZkdZYjQ== 

stacktrace:

com.jcraft.jsch.JSchException: UnknownHostKey: 10.4.31.179. RSA key fingerprint is 9e:6a:f1:59:98:59:e4:f8:ac:39:e7:02:07:d8:4f:58 
    at com.jcraft.jsch.Session.checkHost(Session.java:786) 
    at com.jcraft.jsch.Session.connect(Session.java:342) 
    at org.eclipse.jgit.transport.JschConfigSessionFactory.getSession(JschConfigSessionFactory.java:116) 
    at org.eclipse.jgit.transport.SshTransport.getSession(SshTransport.java:136) 
    at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:262) 
    at org.eclipse.jgit.transport.TransportGitSsh.openFetch(TransportGitSsh.java:161) 
    at org.eclipse.jgit.transport.FetchProcess.executeImp(FetchProcess.java:136) 
    at org.eclipse.jgit.transport.FetchProcess.execute(FetchProcess.java:122) 
    at org.eclipse.jgit.transport.Transport.fetch(Transport.java:1115) 
    at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:130) 
    at org.eclipse.jgit.api.CloneCommand.fetch(CloneCommand.java:178) 
    at org.eclipse.jgit.api.CloneCommand.call(CloneCommand.java:125) 
    at org.springframework.cloud.config.server.JGitEnvironmentRepository.cloneToBasedir(JGitEnvironmentRepository.java:269) 
    at org.springframework.cloud.config.server.JGitEnvironmentRepository.copyRepository(JGitEnvironmentRepository.java:241) 
    at org.springframework.cloud.config.server.JGitEnvironmentRepository.createGitClient(JGitEnvironmentRepository.java:226) 
    at org.springframework.cloud.config.server.JGitEnvironmentRepository.findOne(JGitEnvironmentRepository.java:114) 
    at org.springframework.cloud.config.server.MultipleJGitEnvironmentRepository.findOne(MultipleJGitEnvironmentRepository.java:87) 
    at org.springframework.cloud.config.server.EnvironmentController.labelled(EnvironmentController.java:109) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:498) 
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:222) 
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137) 
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110) 
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:775) 
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:705) 
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) 
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959) 
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893) 
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:965) 
    at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:856) 
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:622) 
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:841) 
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.springframework.boot.actuate.autoconfigure.EndpointWebMvcAutoConfiguration$ApplicationContextHeaderFilter.doFilterInternal(EndpointWebMvcAutoConfiguration.java:300) 
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:103) 
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77) 
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85) 
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:77) 
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) 
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) 
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) 
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) 
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) 
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) 
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:521) 
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1096) 
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:674) 
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) 
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) 
    at java.lang.Thread.run(Thread.java:745) 

Qualsiasi idea del perché questo non sta funzionando?

Answer 1

penso che nel file knowHosts, è necessario utilizzare il formato [host]:port in questo modo:

[10.4.31.179]:7999,10.4.31.179 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1UF27s4svxRyc3eQVq67hOhl9szwXy15oaUmo5Ndtk9DP5QEvstSA1MR0JotcKrhEHb4FA8a06oRvkyj55zfvr9t96O/sva+66TegPGjiWZNU75LSEKhA8EZ+/VEKVA2Pk1iUEYbtFZZ+SuTKtikXQt0EjghHpx66mWEJU11911+quCfjOIL74tz96IoXBfTZJmhiUQN+SC4UG3bCnha3mMlCnb1/0BkX+YuAy3GN+UTSxCqeEHuwhN8+DsPhVgTKx/YVbhZUPlGlYEUZjjXk6RnyhQr32Jwzv4WpeVu943e2UzlUFMMorl+usur7bSAZWsQWyz6MfjYUyKZkdZYjQ== 

Il sshd man page dice:

Un nome host o indirizzo possono opzionalmente essere racchiusi all'interno di '[' e ']' parentesi seguite da ':' e un numero di porta non standard.

O

È possibile ssh dalla riga di comando

ssh 10.4.31.179 -p 7999 

e quindi accettare la chiave pubblica, il file knowHosts verrà poi impostato correttamente.

Se il problema persiste, impostare il file knownHosts in modo esplicito.

jsch.setKnownHosts(knowHostsFileName) 

Answer 2

Questa è la mia soluzione:

• creare un ~/.ssh/config come qui di seguito, non dimenticate di aggiungere StrictHostKeyChecking no:

  Host git 
      HostName 10.4.31.179 
      StrictHostKeyChecking no 
      Port 7999 
      User git 
      IdentityFile ~/.ssh/id_rsa 
  

• Nella tua application.yml cambiare l'uri da git:/project/name.git

  spring: 
      cloud: 
      config: 
       allowOverride: true 
       failFast: true 
       overrideNone: true 
       overrideSystemProperties: false 
      server: 
       git: 
       uri: git:/project/name.git 
  

Answer 3

Questo è a related GitHub issue and a comment.

TL; DR prima di provare a connettersi a un server di repository, è necessario aggiornare ~/.ssh/known_hosts con un formato non hash.

uno di linea,

ssh-keyscan -t rsa {hostname or IP} >> ~/.ssh/known_hosts