{
"changed": false,
"cmd": "/bin/git clone --bare ssh:********@enterprise.acme.net:7999/acme/acme-whm.git /usr/local/acme/.git",
"msg": "Warning: Permanently added [enterprise.acme.net]:7999,[10.0.37.37]:7999 (RSA) to the list of known hosts.\r\nPermission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.",
"rc": 128,
"stderr": "Warning: Permanently added [enterprise.acme.net]:7999,[10.0.37.37]:7999 (RSA) to the list of known hosts.\r\nPermission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n",
"stderr_lines": [
"Warning: Permanently added [enterprise.acme.net]:7999,[10.0.37.37]:7999 (RSA) to the list of known hosts.",
"Permission denied (publickey).",
"fatal: Could not read from remote repository.",
"",
"Please make sure you have the correct access rights",
"and the repository exists."
],
"stdout": "Cloning into bare repository /usr/local/acme/.git...\n",
"stdout_lines": [
"Cloning into bare repository /usr/local/acme/.git..."
]
}
それでは、なぜこの問題が発生するのでしょうか?
accept_hostkey: True
私の演劇では?
- name: Clone Git
environment:
TMPDIR: "{{ acme_root }}"
git:
bare: yes
track_submodules: yes
accept_hostkey: yes
repo: "{{ acme_repo_upstream }}"
dest: "{{ acme_root }}/.git"
答え1
Ansibleに接続できるかどうか、Gitの選択肢に関係なく、次のメッセージが表示された場合は、
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:J6ErF8jeZVKGsg0db5u2hiNeQbH4pdGzPcbpGXZhOm8.
Please contact your system administrator.
Add correct host key in /home/ecarroll/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/ecarroll/.ssh/known_hosts:50
remove with:
ssh-keygen -f "/home/ecarroll/.ssh/known_hosts" -R "10.1.38.15"
ECDSA host key for 10.1.38.15 has changed and you have requested strict checking.
Host key verification failed.
これにより、プロキシはそれを渡しません。走ってみるとssh-add -l
わかるけど、
Could not open a connection to your authentication agent.
そして走らなければなりません
ssh-keygen -f "/home/ecarroll/.ssh/known_hosts" -R "10.1.38.15"
その後、再接続します。