kex_exchange_identification while connecting to local gitlab instance

I have set up a local instance of gitlab with the following configuration:

version: "3"
services:
  gitlab:
    image: gitlab/gitlab-ce:latest
    container_name: gitlab
    hostname: 'gitlab.local.com'
    restart: always
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.local.com:4005'
        gitlab_rails['gitlab_shell_ssh_port'] = 3005
    ports:
      - '4005:4005'
      - '3005:3005'
    volumes:
      - '/srv/gitlab/config:/etc/gitlab'
      - '/srv/gitlab/logs:/var/log/gitlab'
      - '/srv/gitlab/data:/var/opt/gitlab'

Then I added the SSH key according to the gitlab documentation.

Finally, when connecting to the instance over SSH or cloning a repo, I get the following error:

ssh -Tvv git@gitlab.local.com -p 3005
OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "gitlab.local.com" port 3005
debug2: ssh_connect_direct
debug1: Connecting to gitlab.local.com [0.0.0.0] port 3005.
debug1: Connection established.
debug1: identity file /home/rafael/.ssh/id_rsa type 0
debug1: identity file /home/rafael/.ssh/id_rsa-cert type -1
debug1: identity file /home/rafael/.ssh/id_dsa type -1
debug1: identity file /home/rafael/.ssh/id_dsa-cert type -1
debug1: identity file /home/rafael/.ssh/id_ecdsa type -1
debug1: identity file /home/rafael/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/rafael/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/rafael/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/rafael/.ssh/id_ed25519 type 3
debug1: identity file /home/rafael/.ssh/id_ed25519-cert type -1
debug1: identity file /home/rafael/.ssh/id_ed25519_sk type -1
debug1: identity file /home/rafael/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/rafael/.ssh/id_xmss type -1
debug1: identity file /home/rafael/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
kex_exchange_identification: Connection closed by remote host

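I have disabled ufw, I have reset known_hosts, and I have tried everything I can think of, but I can't find anything on the Internet that helps me.

Why does this error occur? This is the only "server" I have trouble accessing via ssh...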

First check whether the ssh daemon in the GitLab Docker container is listening on port 3005 (custom port).

See, for example, gitlab-org/omnibus-gitlab issue 1767:

I had to say that this issue gave me a very hard time trying to figure things out.
It is really counter-intuitive that gitlab_rails['gitlab_shell_ssh_port'] = 30022 only works to change the URI displayed in the web page instead of also changing the port sshd serves in guest machine.
Besides subjective feelings above, there are also two facts in the way it currently works:

  • There is no way to change the ssh port gitlab shell uses on the docker container.
  • When using the docker's ip address to access the gitlab server, port would always have to be 22 instead of what is used in the URI.

I would argue that the way original document described is a better way how things should work around the issue.
gitlab_rails['gitlab_shell_ssh_port'] should also change the port gitlab-shell is served on guest side.

And:

You have to customize the port inside the file /assets/sshd_config by your Dockerfile.

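That is mentioned here.

Since I see "Connection established", it is possible that, because of those bug reports, sshd_config is now correctly modified (automatically).

If that is the case, double-check the public key you registered in your GitLab profile: it should be /home/rafael/.ssh/id_rsa.pub.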
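
The first check in the answer can also be made from the client side by waiting for the server's SSH identification string, which separates "a real sshd answers" from "something accepts the TCP connection and closes it", the pattern in the debug output above. This is an added example, not part of the original post; `probe_ssh_banner`, `fake_listener` and the loopback targets are constructed for the demonstration.

```python
import socket
import threading

def probe_ssh_banner(host, port, timeout=3.0):
    """Classify what answers on host:port by waiting for the SSH identification string."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "no listener accepts TCP on this port")
    except socket.timeout:
        return ("timeout", "TCP connect timed out (filtered or unroutable)")
    with sock:
        try:
            data = sock.recv(255)  # sshd sends its identification string first
        except socket.timeout:
            return ("timeout", "TCP accepted, but no identification string arrived")
        except ConnectionResetError:
            data = b""
    if data.startswith(b"SSH-"):
        return ("banner", data.split(b"\n", 1)[0].strip().decode("ascii", "replace"))
    if not data:
        # Same symptom as "kex_exchange_identification: Connection closed by remote host"
        return ("closed_before_banner", "accepted, then closed without an SSH banner")
    return ("not_ssh", repr(data[:40]))

def fake_listener(reply):
    """Constructed stand-in: accept one connection, send reply (if any), close."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        if reply:
            conn.sendall(reply)
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    # Constructed loopback targets; use ("gitlab.local.com", 3005) for the real check.
    working = fake_listener(b"SSH-2.0-OpenSSH_8.2p1\r\n")
    broken = fake_listener(b"")
    print(probe_ssh_banner("127.0.0.1", working))
    print(probe_ssh_banner("127.0.0.1", broken))
```

A `closed_before_banner` result on the published port, combined with a `banner` result on port 22 from inside the container, indicates that the port mapping points at a container port where sshd is not listening.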