spring cloud config ssh connection failing

本小妞迷上赌 提交于 2019-12-09 10:08:51

问题


Using Spring Boot, Java 1.8, cloud-config-server

I'm trying to access a git repo using this application.yml snippet. But is failing to find the hostkey.

spring:
cloud:
    config:
      allowOverride: true
      failFast: true
      overrideNone: true
      overrideSystemProperties: false
      server:
        git:
          uri: ssh://git@10.4.31.179:7999/project/name.git

And the address is in my knowHosts file:

10.4.31.179:7999,10.4.31.179 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1UF27s4svxRyc3eQVq67hOhl9szwXy15oaUmo5Ndtk9DP5QEvstSA1MR0JotcKrhEHb4FA8a06oRvkyj55zfvr9t96O/sva+66TegPGjiWZNU75LSEKhA8EZ+/VEKVA2Pk1iUEYbtFZZ+SuTKtikXQt0EjghHpx66mWEJU11911+quCfjOIL74tz96IoXBfTZJmhiUQN+SC4UG3bCnha3mMlCnb1/0BkX+YuAy3GN+UTSxCqeEHuwhN8+DsPhVgTKx/YVbhZUPlGlYEUZjjXk6RnyhQr32Jwzv4WpeVu943e2UzlUFMMorl+usur7bSAZWsQWyz6MfjYUyKZkdZYjQ==

stacktrace:

com.jcraft.jsch.JSchException: UnknownHostKey: 10.4.31.179. RSA key fingerprint is 9e:6a:f1:59:98:59:e4:f8:ac:39:e7:02:07:d8:4f:58
    at com.jcraft.jsch.Session.checkHost(Session.java:786)
    at com.jcraft.jsch.Session.connect(Session.java:342)
    at org.eclipse.jgit.transport.JschConfigSessionFactory.getSession(JschConfigSessionFactory.java:116)
    at org.eclipse.jgit.transport.SshTransport.getSession(SshTransport.java:136)
    at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:262)
    at org.eclipse.jgit.transport.TransportGitSsh.openFetch(TransportGitSsh.java:161)
    at org.eclipse.jgit.transport.FetchProcess.executeImp(FetchProcess.java:136)
    at org.eclipse.jgit.transport.FetchProcess.execute(FetchProcess.java:122)
    at org.eclipse.jgit.transport.Transport.fetch(Transport.java:1115)
    at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:130)
    at org.eclipse.jgit.api.CloneCommand.fetch(CloneCommand.java:178)
    at org.eclipse.jgit.api.CloneCommand.call(CloneCommand.java:125)
    at org.springframework.cloud.config.server.JGitEnvironmentRepository.cloneToBasedir(JGitEnvironmentRepository.java:269)
    at org.springframework.cloud.config.server.JGitEnvironmentRepository.copyRepository(JGitEnvironmentRepository.java:241)
    at org.springframework.cloud.config.server.JGitEnvironmentRepository.createGitClient(JGitEnvironmentRepository.java:226)
    at org.springframework.cloud.config.server.JGitEnvironmentRepository.findOne(JGitEnvironmentRepository.java:114)
    at org.springframework.cloud.config.server.MultipleJGitEnvironmentRepository.findOne(MultipleJGitEnvironmentRepository.java:87)
    at org.springframework.cloud.config.server.EnvironmentController.labelled(EnvironmentController.java:109)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:222)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137)
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:775)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:705)
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:965)
    at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:856)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:841)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.springframework.boot.actuate.autoconfigure.EndpointWebMvcAutoConfiguration$ApplicationContextHeaderFilter.doFilterInternal(EndpointWebMvcAutoConfiguration.java:300)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:103)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:77)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:521)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1096)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:674)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:745)

Any idea why this is not working?


回答1:


This is a related GitHub issue and a comment.

TL;DR before you try to connect to a repository server, you need to update ~/.ssh/known_hosts with a non-hash format.

One liner,

ssh-keyscan -t rsa {hostname or IP} >> ~/.ssh/known_hosts



回答2:


I think that in your knowHosts file, you should use the [host]:port format like this:

[10.4.31.179]:7999,10.4.31.179 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1UF27s4svxRyc3eQVq67hOhl9szwXy15oaUmo5Ndtk9DP5QEvstSA1MR0JotcKrhEHb4FA8a06oRvkyj55zfvr9t96O/sva+66TegPGjiWZNU75LSEKhA8EZ+/VEKVA2Pk1iUEYbtFZZ+SuTKtikXQt0EjghHpx66mWEJU11911+quCfjOIL74tz96IoXBfTZJmhiUQN+SC4UG3bCnha3mMlCnb1/0BkX+YuAy3GN+UTSxCqeEHuwhN8+DsPhVgTKx/YVbhZUPlGlYEUZjjXk6RnyhQr32Jwzv4WpeVu943e2UzlUFMMorl+usur7bSAZWsQWyz6MfjYUyKZkdZYjQ==

The sshd man page says :

A hostname or address may optionally be enclosed within ‘[’ and ‘]’ brackets then followed by ‘:’ and a non-standard port number.

OR

You can ssh from the command line

ssh 10.4.31.179 -p 7999

and then accept the public key, the knowHosts file will then be correctly set.

If it still doesn't work set explicitly the knownHosts file.

 jsch.setKnownHosts(knowHostsFileName)



回答3:


This is my solution:

  • create a ~/.ssh/config like below, don't forget to add StrictHostKeyChecking to false:

    Host git
        HostName 10.4.31.179
        StrictHostKeyChecking no
        Port 7999
        User git
        IdentityFile ~/.ssh/id_rsa
    
  • In your application.yml change the uri by git:/project/name.git

    spring:
      cloud:
        config:
          allowOverride: true
          failFast: true
          overrideNone: true
          overrideSystemProperties: false
        server:
          git:
            uri: git:/project/name.git
    


来源:https://stackoverflow.com/questions/38108817/spring-cloud-config-ssh-connection-failing

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!