logo标签列表

如何将我的公钥添加到Vagrant虚拟机?

sshvagrantpublic-key
108
我在将SSH密钥添加到Vagrant虚拟机时遇到了问题。基本上,我这里的设置工作正常。一旦创建了虚拟机,我可以通过“vagrant ssh”访问它们,用户“vagrant”存在,并且该用户在authorized_keys文件中有一个ssh密钥。
现在我想做的是:能够通过ssh连接或使用scp连接到这些VM。因此,我只需要像使用ssh-copy-id一样将我的公共密钥从id_rsa.pub添加到authorized_keys中。
是否有方法在Vagrant安装过程中告诉Vagrant应包含我的公钥?如果没有(根据我的谷歌搜索结果很可能没有),是否有一种在Vagrant安装过程中轻松追加我的公钥的方法?
13个回答
0
一个相当完整的例子,希望能帮助到下一个访问者。将所有具体值移动到外部配置文件中。IP分配仅用于尝试。
# -*- mode: ruby -*-
# vi: set ft=ruby :

require 'yaml'
vmconfig = YAML.load_file('vmconfig.yml')

=begin
Script to created VMs with public IPs, VM creation governed by the provided
config file.
All Vagrant configuration is done below. The "2" in Vagrant.configure
configures the configuration version (we support older styles for
backwards compatibility). Please don't change it unless you know what
you're doing
Default user `vagrant` is created and ssh key is overridden. make sure to have
the files `vagrant_rsa` (private key) and `vagrant_rsa.pub` (public key) in the
path `./.ssh/`
Same files need to be available for all the users you want to create in each of
these VMs
=end

uid_start = vmconfig['uid_start']
ip_start = vmconfig['ip_start']
vagrant_private_key = Dir.pwd + '/.ssh/vagrant_rsa'
guest_sshkeys = '/' + Dir.pwd.split('/')[-1] + '/.ssh/'
Vagrant.configure('2') do |config|
  vmconfig['machines'].each do |machine|
    config.vm.define "#{machine}" do |node|
      ip_start += 1
      node.vm.box = vmconfig['vm_box_name']
      node.vm.box_version = vmconfig['vm_box_version']
      node.vm.box_check_update = false
      node.vm.boot_timeout = vmconfig['vm_boot_timeout']
      node.vm.hostname = "#{machine}"
      node.vm.network "public_network", bridge: "#{vmconfig['bridge_name']}", auto_config: false
      node.vm.provision "shell", run: "always", inline: "ifconfig #{vmconfig['ethernet_device']} #{vmconfig['public_ip_part']}#{ip_start} netmask #{vmconfig['subnet_mask']} up"
      node.ssh.insert_key = false
      node.ssh.private_key_path = ['~/.vagrant.d/insecure_private_key', "#{vagrant_private_key}"]
      node.vm.provision "file", source: "#{vagrant_private_key}.pub", destination: "~/.ssh/authorized_keys"
      node.vm.provision "shell", inline: <<-EOC
        sudo sed -i -e "\\#PasswordAuthentication yes# s#PasswordAuthentication yes#PasswordAuthentication no#g" /etc/ssh/sshd_config
        sudo systemctl restart sshd.service
      EOC
      vmconfig['users'].each do |user|
        uid_start += 1
        node.vm.provision "shell", run: "once", privileged: true, inline: <<-CREATEUSER
          sudo useradd -m -s /bin/bash -U #{user} -u #{uid_start}
          sudo mkdir /home/#{user}/.ssh
          sudo cp #{guest_sshkeys}#{user}_rsa.pub /home/#{user}/.ssh/authorized_keys
          sudo chown -R #{user}:#{user} /home/#{user}
          sudo su
          echo "%#{user} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/#{user}
          exit
        CREATEUSER
      end
    end
  end
-1

Madis Maenni的答案最接近最佳解法:

只需执行:

vagrant ssh-config >> ~/.ssh/config
chmod 600 ~/.ssh/config

然后您可以通过主机名直接进行ssh连接。

要获取在~/.ssh/config中配置的主机名列表

grep -E '^Host ' ~/.ssh/config

我的例子:

$ grep -E '^Host' ~/.ssh/config
Host web
Host db
$ ssh web
[vagrant@web ~]$
-2

为 Vagrant 认证生成 RSA 密钥对 ssh-keygen -f ~/.ssh/vagrant

您可能还想将 Vagrant 身份验证文件添加到您的 ~/.ssh/config

IdentityFile ~/.ssh/vagrant
IdentityFile ~/.vagrant.d/insecure_private_key

由于某些原因,我们不能只指定要插入的密钥,因此我们需要多做一些步骤来生成密钥。这样我们就可以获得安全性和确切知道我们需要哪个密钥(所有vagrant框将获得相同的密钥)。 无法使用不安全的私钥(vagrant 1.7.2)ssh到vagrant VM 如何将我的公钥添加到Vagrant VM? 
config.ssh.insert_key = false
config.ssh.private_key_path = ['~/.ssh/vagrant', '~/.vagrant.d/insecure_private_key']
config.vm.provision "file", source: "~/.ssh/vagrant.pub", destination: "/home/vagrant/.ssh/vagrant.pub"
config.vm.provision "shell", inline: <<-SHELL
cat /home/vagrant/.ssh/vagrant.pub >> /home/vagrant/.ssh/authorized_keys
mkdir -p /root/.ssh
cat /home/vagrant/.ssh/authorized_keys >> /root/.ssh/authorized_keys

外壳

网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接