如何向 Aptible 提供 SSH 证书和私钥
How to provide an SSH certificate and private key to Aptible
我正在试用符合 HIPAA 标准的 PaaS,Aptible, by following their Django Quickstart Guide. I've used the aptible CLI to follow the Create an App and Provision a Database steps, but I'm running into trouble at Add a Dockerfile。
这一步说要在存储库的根目录添加一个Dockerfile,但是前面的步骤还没有创建存储库。我假设我必须使用 'Create an App' 中生成的 Git 远程 link 克隆存储库。但是,如果我这样做(并忽略关于主机真实性的警告),我会得到 Please make sure you have the right access rights and the repository exists:
Kurts-MacBook-Pro:Scratch kurtpeek$ git clone git@beta.aptible.com:lucy/test_app.git
Cloning into 'test_app'...
The authenticity of host 'beta.aptible.com (52.21.95.179)' can't be established.
ECDSA key fingerprint is SHA256:FsLUs5U/cZ0nGgvy/OorvGSaLzvLRSAo4+xk6+jNg8k.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'beta.aptible.com,52.21.95.179' (ECDSA) to the list of known hosts.
Connection closed by 52.21.95.179 port 22
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
根据 Aptible 的常见问题解答,https://www.aptible.com/documentation/enclave/troubleshooting/permission-denied-git-push.html,我推断我还没有使用 Enclave 注册我的 SSH Public 密钥。
确实,如果我转到 Aptible 的仪表板并单击 'Certificates',我会发现我还没有。如果我然后单击 'Upload Certificate',我将进入以下菜单:
这可能是一个很笼统的 SSH 问题,但我不确定如何继续。我试过 ssh-keygen 命令如下:
Kurts-MacBook-Pro:~ kurtpeek$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/kurtpeek/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/kurtpeek/.ssh/id_rsa.
Your public key has been saved in /Users/kurtpeek/.ssh/id_rsa.pub.
这样生成的id_rsa似乎对应了请求的私钥。但是,我在哪里可以找到(对应的)Certificate?
(我仔细阅读了 https://support.ssh.com/manuals/server-admin/64/userauth-cert.html 但找不到答案)。
事实证明,为了遵循 Django 快速入门指南,提供 SSH 密钥(而不是证书)就足够了。这可以通过单击仪表板右上角的姓名,选择 "SSH keys",然后将 ~/.ssh/id_rsa.pub 的内容复制粘贴到表单中来输入。
我正在试用符合 HIPAA 标准的 PaaS,Aptible, by following their Django Quickstart Guide. I've used the aptible CLI to follow the Create an App and Provision a Database steps, but I'm running into trouble at Add a Dockerfile。
这一步说要在存储库的根目录添加一个Dockerfile,但是前面的步骤还没有创建存储库。我假设我必须使用 'Create an App' 中生成的 Git 远程 link 克隆存储库。但是,如果我这样做(并忽略关于主机真实性的警告),我会得到 Please make sure you have the right access rights and the repository exists:
Kurts-MacBook-Pro:Scratch kurtpeek$ git clone git@beta.aptible.com:lucy/test_app.git
Cloning into 'test_app'...
The authenticity of host 'beta.aptible.com (52.21.95.179)' can't be established.
ECDSA key fingerprint is SHA256:FsLUs5U/cZ0nGgvy/OorvGSaLzvLRSAo4+xk6+jNg8k.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'beta.aptible.com,52.21.95.179' (ECDSA) to the list of known hosts.
Connection closed by 52.21.95.179 port 22
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
根据 Aptible 的常见问题解答,https://www.aptible.com/documentation/enclave/troubleshooting/permission-denied-git-push.html,我推断我还没有使用 Enclave 注册我的 SSH Public 密钥。
确实,如果我转到 Aptible 的仪表板并单击 'Certificates',我会发现我还没有。如果我然后单击 'Upload Certificate',我将进入以下菜单:
这可能是一个很笼统的 SSH 问题,但我不确定如何继续。我试过 ssh-keygen 命令如下:
Kurts-MacBook-Pro:~ kurtpeek$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/kurtpeek/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/kurtpeek/.ssh/id_rsa.
Your public key has been saved in /Users/kurtpeek/.ssh/id_rsa.pub.
这样生成的id_rsa似乎对应了请求的私钥。但是,我在哪里可以找到(对应的)Certificate?
(我仔细阅读了 https://support.ssh.com/manuals/server-admin/64/userauth-cert.html 但找不到答案)。
事实证明,为了遵循 Django 快速入门指南,提供 SSH 密钥(而不是证书)就足够了。这可以通过单击仪表板右上角的姓名,选择 "SSH keys",然后将 ~/.ssh/id_rsa.pub 的内容复制粘贴到表单中来输入。