How to use ssh agent forwarding with “vagrant ssh”?

こ雲淡風輕ζ 提交于 2019-12-17 10:08:17

问题


Rather than create a new SSH key pair on a vagrant box, I would like to re-use the key pair I have on my host machine, using agent forwarding. I've tried setting config.ssh.forward_agent to TRUE in the Vagrantfile, then rebooted the VM, and tried using:

vagrant ssh -- -A

...but I'm still getting prompted for a password when I try to do a git checkout. Any idea what I'm missing?


回答1:


I'm using vagrant 2 on OS X Mountain Lion.

Vagrant.configure("2") do |config|
  config.ssh.private_key_path = "~/.ssh/id_rsa"
  config.ssh.forward_agent = true
end
  1. config.ssh.private_key_path is your local private key
  2. Your private key must be available to the local ssh-agent. You can check with ssh-add -L, if it's not listed add it with ssh-add ~/.ssh/id_rsa
  3. Don't forget to add you public key to ~/.ssh/authorized_keys on the Vagrant VM. You can do it copy-and-pasting or using a tool like ssh-copy-id



回答2:


Add it to the Vagrantfile

Vagrant::Config.run do |config|
   # stuff
   config.ssh.forward_agent = true
end

http://vagrantup.com/v1/docs/config/ssh/forward_agent.html




回答3:


In addition to adding "config.ssh.forward_agent = true" to the vagrant file make sure the host computer is set up for agent forwarding. Github provides a good guide for this. (Check out the troubleshooting section).




回答4:


I had this working with the above replies on 1.4.3, but stopped working on 1.5. I now have to run ssh-add to work fully with 1.5.

For now I add the following line to my ansible provisioning script. - name: Make sure ssk keys are passed to guest. local_action: command ssh-add

I've also created a gist of my setup: https://gist.github.com/KyleJamesWalker/9538912




回答5:


If you are on Windows, SSH Forwarding in Vagrant does not work properly by default (because of a bug in net-ssh). See this particular Vagrant bug report: https://github.com/mitchellh/vagrant/issues/1735

However, there is a workaround! Simply auto-copy your local SSH key to the Vagrant VM via a simple provisioning script in your VagrantFile. Here's an example: https://github.com/mitchellh/vagrant/issues/1735#issuecomment-25640783




回答6:


When we recently tried out the vagrant-aws plugin with Vagrant 1.1.5, we ran into an issue with SSH agent forwarding. It turned out that Vagrant was forcing IdentitiesOnly=yes without an option to change it to no. This forced Vagrant to only look at the private key we listed in the Vagrantfile for the AWS provider.

I wrote up our experiences in a blog post. It may turn into a pull request at some point.




回答7:


Make sure that the VM does not launch its own SSH agent. I had this line in my ~/.profile

eval `ssh-agent`

After removing it, SSH agent forwarding worked.




回答8:


The real problem is Vagrant using 127.0.0.1:2222 as default port-forward. You can add one (not 2222, 2222 is already occupied by default)

config.vm.network "forwarded_port", guest: 22, host:2333, host_ip: "0.0.0.0"

"0.0.0.0" is way take request from external connection. then ssh -p 2333 vagrant@192.168.2.101 (change to your own host ip address, dud) will working just fine. Do thank me, Just call me Leifeng!




回答9:


On Windows, the problem is that Vagrant doesn't know how to communicate with git-bash's ssh-agent. It does, however, know how to use PuTTY's Pageant. So, as long as Pageant is running and has loaded your SSH key, and as long as you've set config.ssh.forward_agent, this should work.

See this comment for details.

If you use Pageant, then the workaround of updating the Vagrantfile to copy SSH keys on Windows is no longer necessary.



来源:https://stackoverflow.com/questions/11955525/how-to-use-ssh-agent-forwarding-with-vagrant-ssh

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!