RSA キーと ssh 構成ファイルを使用して Fabric で複数のサーバーに接続するとエラーが発生します。私のクライアントは、python 2.7.2、Fabric 1.4.0、ssh (ライブラリ) 1.7.13 を搭載した Snow Leopard 10.6.8 です。パスフレーズ付きの複数の RSA キーを使用しています (パスフレーズなしで使用することはできません)。パスフレーズを ssh-add に追加しました。すべてのサーバーに問題なく ssh できます。env.use_ssh_config = True を fab ファイルに追加して、ssh 構成ファイルを読み取りました。
RSA キー (パスフレーズ付き) を使用して 1 つのサーバーに接続すると、すべて正常に動作します。
しかし、2 台以上のホストに接続すると、2 台目のサーバーの「ログイン パスワード」を取得し続けます。
fab -H server1,server2 test
[server1] Executing task 'test'
[server1] run: uname -s
[server1] out: Linux
[server2] Executing task 'test'
[server2] run: uname -s
[server2] Login password:
私のファブファイル
from fabric.api import *
import ssh
ssh.util.log_to_file("paramiko.log", 10)
env.use_ssh_config = True
def test():
run('uname -s')
私のssh設定ファイル
Host server1
HostName xx.xx.xx.xx
Port 6666
User AB1
HashKnownHosts yes
PreferredAuthentications publickey
AddressFamily inet
Host server2
HostName xx.xx.xx.xx
Port 6666
User BC2
HashKnownHosts yes
PreferredAuthentications publickey
AddressFamily inet
私のssh構成ファイルで、「HashKnownHosts yes」を削除しようとしましたが、何も変わりませんでした。
paramiko.log
DEB [20120329-17:33:30.747] thr=1 ssh.transport: starting thread (client mode): 0x1382350L
INF [20120329-17:33:30.769] thr=1 ssh.transport: Connected (version 2.0, client OpenSSH_4.3)
DEB [20120329-17:33:30.786] thr=1 ssh.transport: kex algos:['diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none', 'zlib@openssh.com'] server compress:['none', 'zlib@openssh.com'] client lang:[''] server lang:[''] kex follows?False
DEB [20120329-17:33:30.786] thr=1 ssh.transport: Ciphers agreed: local=aes128-ctr, remote=aes128-ctr
DEB [20120329-17:33:30.786] thr=1 ssh.transport: using kex diffie-hellman-group1-sha1; server key type ssh-rsa; cipher: local aes128-ctr, remote aes128-ctr; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none
DEB [20120329-17:33:30.866] thr=1 ssh.transport: Switch to new keys ...
DEB [20120329-17:33:30.875] thr=2 ssh.transport: Trying SSH agent key ar8298z4c935cde079ef98763678ecc5
DEB [20120329-17:33:30.935] thr=1 ssh.transport: userauth is OK
INF [20120329-17:33:31.017] thr=1 ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:31.039] thr=2 ssh.transport: Trying SSH agent key 0273aff478dddddd05378738dhe98798
DEB [20120329-17:33:31.055] thr=1 ssh.transport: userauth is OK
INF [20120329-17:33:31.135] thr=1 ssh.transport: Authentication (publickey) successful!
DEB [20120329-17:33:31.140] thr=2 ssh.transport: [chan 1] Max packet in: 34816 bytes
DEB [20120329-17:33:31.159] thr=1 ssh.transport: [chan 1] Max packet out: 32768 bytes
INF [20120329-17:33:31.159] thr=1 ssh.transport: Secsh channel 1 opened.
DEB [20120329-17:33:31.189] thr=1 ssh.transport: [chan 1] Sesch channel 1 request ok
DEB [20120329-17:33:31.218] thr=1 ssh.transport: [chan 1] Sesch channel 1 request ok
DEB [20120329-17:33:31.237] thr=1 ssh.transport: [chan 1] EOF received (1)
DEB [20120329-17:33:31.237] thr=1 ssh.transport: [chan 1] EOF sent (1)
DEB [20120329-17:33:31.275] thr=3 ssh.transport: starting thread (client mode): 0x10f9050L
INF [20120329-17:33:32.126] thr=3 ssh.transport: Connected (version 2.0, client OpenSSH_5.3)
DEB [20120329-17:33:32.156] thr=3 ssh.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['blowfish-cbc', 'aes256-cbc', 'aes256-ctr'] server encrypt:['blowfish-cbc', 'aes256-cbc', 'aes256-ctr'] client mac:['hmac-sha1', 'hmac-sha1-96'] server mac:['hmac-sha1', 'hmac-sha1-96'] client compress:['none', 'zlib@openssh.com', 'zlib'] server compress:['none', 'zlib@openssh.com', 'zlib'] client lang:[''] server lang:[''] kex follows?False
DEB [20120329-17:33:32.156] thr=3 ssh.transport: Ciphers agreed: local=aes256-ctr, remote=aes256-ctr
DEB [20120329-17:33:32.156] thr=3 ssh.transport: using kex diffie-hellman-group1-sha1; server key type ssh-rsa; cipher: local aes256-ctr, remote aes256-ctr; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none
DEB [20120329-17:33:32.209] thr=3 ssh.transport: Switch to new keys ...
DEB [20120329-17:33:32.243] thr=2 ssh.transport: Trying SSH agent key ar8298z4c935cde079ef98763678ecc5
DEB [20120329-17:33:32.307] thr=3 ssh.transport: userauth is OK
INF [20120329-17:33:32.426] thr=3 ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:32.444] thr=2 ssh.transport: Trying SSH agent key 0273aff478dddddd05378738dhe98798
DEB [20120329-17:33:32.476] thr=3 ssh.transport: userauth is OK
INF [20120329-17:33:32.570] thr=3 ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:32.578] thr=2 ssh.transport: Trying SSH agent key 7382deeeee873897883ccc9878972878
DEB [20120329-17:33:32.608] thr=3 ssh.transport: userauth is OK
INF [20120329-17:33:32.702] thr=3 ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:32.711] thr=2 ssh.transport: Trying SSH agent key 98792098cccccccccccceeeeeeee9878
DEB [20120329-17:33:32.743] thr=3 ssh.transport: userauth is OK
INF [20120329-17:33:32.843] thr=3 ssh.transport: Authentication (publickey) failed.
SSH エージェント キー 0273aff478dddddd05378738dhe98798 は、両方のサーバーで同じです。最初のサーバーでは接続しますが、2 番目のサーバーでは失敗します。さまざまなサーバーをさまざまな順序で試してみましたが、ファブリックが 2 番目のサーバーのパスワードを要求するという同じ問題が常に発生しています。
どうすればこれを修正できますか?
ありがとうございました