toshiro92

Reputation: 1334

Use SSH keys on Dockerfile for Gitlab - Permission denied

Hi!

I'm currently trying to build a docker image, and I need to pull a git project from a remote GitLab server. The problem is that the publickey method isn't working at all.

The error:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password)
fatal: Could not read from remote repository.

Here is the command I launch:

docker build . --build-arg priv_key="$(cat ~/.ssh/id_rsa)" --build-arg pub_key="$(cat ~/.ssh/id_rsa.pub)"

Here is my Dockerfile:

FROM centos/python-35-centos7:latest
USER root
ARG pub_key
ARG priv_key
RUN mkdir -p /root/.ssh/
RUN chmod 0700 /root/.ssh/
RUN echo ${pub_key} >> /root/.ssh/id_rsa.pub
RUN chmod 600 /root/.ssh/id_rsa.pub
RUN echo ${priv_key} >> /root/.ssh/id_rsa
RUN chmod 600 /root/.ssh/id_rsa
RUN git config --global user.name "A name"
RUN git config --global user.email "[email protected]"
RUN echo "Host 192.168.1.28\n\tPasswordAuthentication no\n" >> /root/.ssh/config
RUN chmod 600 /root/.ssh/config
RUN ssh-keyscan -t rsa 192.168.1.28 >> /root/.ssh/known_hosts
RUN ssh -Tv [email protected]

The problem is that, when I check the output of ssh -Tv, it tries to read_passphrase instead of authenticating:

debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519

Looks like it wants a passphrase (/dev/tty: No such device or address), but on the host itself, the same command works perfectly:

debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.1.28 ([192.168.1.28]:22).

Any idea what's going on?

EDIT:

With the website @emory provided below, I've tried the code in it (and added a chmod command to avoid a Docker error), set it up with the GitLab IP address I have... and it worked!

I've changed the following lines:

FROM ubuntu as intermediate > FROM centos:7
apt-get update > yum update
apt-get install -y git > yum install -y git

And it worked as well. I've also tried the original one, centos/python-35-centos7:latest, and it worked. For those who need this, here is the functional code:

FROM centos/python-35-centos7:latest
#FROM centos:7
USER root
RUN yum update -y
RUN yum install -y git
ARG SSH_PRIVATE_KEY
RUN mkdir /root/.ssh/
# Double quotes preserve the line breaks of the key
RUN echo "${SSH_PRIVATE_KEY}" > /root/.ssh/id_rsa
RUN chmod 600 /root/.ssh/id_rsa
RUN touch /root/.ssh/known_hosts
# Record the host key of the GitLab server
RUN ssh-keyscan 192.168.1.28 >> /root/.ssh/known_hosts
RUN ssh -Tv [email protected]

Upvotes: 3

Views: 4524

Answers (1)

emory

Reputation: 10891

Apparently the answer is to use a different base image. ubuntu is reported to work. https://vsupalov.com/build-docker-image-clone-private-repo-ssh-key/ is a good guide.

Upvotes: 1
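
The two Dockerfiles in the question write the private key differently: the failing one uses an unquoted `echo ${priv_key}`, which the shell word-splits so the whole key lands on one line, while the working one uses `echo "${SSH_PRIVATE_KEY}"`, which keeps the line breaks; a flattened key file is consistent with the `read_passphrase` attempt in the failing build. The shell sketch below is an added example, not code from the post, that reproduces both writes and checks the PEM framing of the result. `SAMPLE_KEY`, `write_unquoted`, `write_quoted`, `key_lines` and `pem_framing_ok` are hypothetical names, the sample key is constructed PEM-shaped text, and the check assumes an unencrypted key without PEM header lines.

```shell
#!/bin/sh
# Constructed sample: PEM-shaped text, not a real private key.
SAMPLE_KEY='-----BEGIN RSA PRIVATE KEY-----
QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo=
YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXo=
-----END RSA PRIVATE KEY-----'

# Mirrors `RUN echo ${priv_key} >> /root/.ssh/id_rsa` from the failing Dockerfile:
# the unquoted expansion is word-split, so echo joins the pieces with spaces.
write_unquoted() { priv_key=$1; echo ${priv_key} > "$2"; }

# Mirrors `RUN echo "${SSH_PRIVATE_KEY}" > /root/.ssh/id_rsa` from the working one.
write_quoted() { SSH_PRIVATE_KEY=$1; echo "${SSH_PRIVATE_KEY}" > "$2"; }

# Number of lines in a file, without wc's padding.
key_lines() { wc -l < "$1" | tr -d ' '; }

# Succeeds only if the file is a BEGIN line, base64 body lines, then an END line.
# Assumes an unencrypted key with no PEM header lines (Proc-Type, DEK-Info).
pem_framing_ok() {
    awk '
        NR == 1 { if ($0 !~ "^-----BEGIN [A-Z ]+-----$") bad = 1; next }
        $0 ~ "^-----END [A-Z ]+-----$" { ended = 1; next }
        ended { bad = 1 }                          # anything after the END line
        $0 !~ "^[A-Za-z0-9+/=]+$" { bad = 1 }      # not a base64 body line
        END { exit ((bad || !ended) ? 1 : 0) }
    ' "$1"
}

demo() {
    dir=$(mktemp -d)
    write_unquoted "$SAMPLE_KEY" "$dir/unquoted"
    write_quoted "$SAMPLE_KEY" "$dir/quoted"
    for f in unquoted quoted; do
        if pem_framing_ok "$dir/$f"; then state=intact; else state=broken; fi
        echo "$f: $(key_lines "$dir/$f") line(s), PEM framing $state"
    done
    rm -rf "$dir"
}
demo
```

Docker's documentation warns that `--build-arg` values can be read back with `docker history`, so a key passed this way should be treated as exposed to anyone who can obtain the image.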
