如何在 apache 中建立 SSH 连接
how to make SSH connection in apache
我正在尝试构建一个 Web 应用程序来使用 ansible 管理我的服务器
现在我使用 Centos 7、PHP 7.4、Laravel 8 和 apache 来构建这个应用程序,并且我已经安装了 https://packagist.org/packages/asm/php-ansible composer 包以便在我的项目中使用 ansible。
这是我的代码:
$ansible = new Asm\Ansible\Ansible(
'/var/www/xxx/storage/ansible',
'',
''
);
$ansible->playbook()->play($myplaybookPath)->inventoryFile($myInventoryPath)->execute(function ($type, $buffer) {
if (Process::ERR === $type) {
echo 'ERR > '.$buffer ."<br/>";
} else {
echo 'OUT > '.$buffer."<br/>";
}
});
这是输出:
OUT > PLAY [install nano] ************************************************************
OUT > TASK [Gathering Facts] *********************************************************
OUT > fatal: [xx.xx.14.139]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
OUT > PLAY RECAP *********************************************************************
OUT > xx.xx.14.139 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
OUT >
库存文件中的用户名和密码是正确的,我测试了很多次,我也用一个非常简单的密码尝试了新服务器。
我 google 这个错误 host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password)." 我发现它是关于 authorized_keys 用户 运行 ssh
我在 /var/user/share/httpd/.ssh
中为我的 apache 用户更改了 .ssh 文件夹的权限和 mod
买这个错误仍然存在,我不知道如何解决这个问题。
感谢帮助
更新
这与我的 Web 服务器配置无关,关于 Apache 和 PHP 的一切都没有问题。
我 运行 我直接从终端使用 ansible-playbook 我的 playbook:
ansible-playbook /var/www/xxx/storage/ansible/playbooks/install_nano -i /var/www/xxx/storage/ansible/inventories/testInventory -vvv
我遇到了同样的错误,我猜是关于 InventoryFile 中的 Auth 信息
ansible-playbook 2.9.25
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /var/www/xxx/storage/ansible/inventories/testInventory as it did not pass its verify_file() method
auto declined parsing /var/www/xxx/storage/ansible/inventories/testInventory as it did not pass its verify_file() method
Parsed /var/www/xxx/storage/ansible/inventories/testInventory inventory source with ini plugin
Skipping callback 'actionable', as we already have a stdout callback.
Skipping callback 'counter_enabled', as we already have a stdout callback.
Skipping callback 'debug', as we already have a stdout callback.
Skipping callback 'dense', as we already have a stdout callback.
Skipping callback 'dense', as we already have a stdout callback.
Skipping callback 'full_skip', as we already have a stdout callback.
Skipping callback 'json', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'null', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
Skipping callback 'selective', as we already have a stdout callback.
Skipping callback 'skippy', as we already have a stdout callback.
Skipping callback 'stderr', as we already have a stdout callback.
Skipping callback 'unixy', as we already have a stdout callback.
Skipping callback 'yaml', as we already have a stdout callback.
PLAYBOOK: install nano ******************************************************************************************************************************************************************************
1 plays in /var/www/xxx/storage/ansible/playbooks/install nano
PLAY [install nano] *********************************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************************
task path: /var/www/xxx/storage/ansible/playbooks/install nano:2
<xx.xx.14.139> ESTABLISH SSH CONNECTION FOR USER: root
<xx.xx.14.139> SSH: EXEC sshpass -d8 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/a7f10d151a xx.xx.14.139 '/bin/sh -c '"'"'echo ~root && sleep 0'"'"''
<xx.xx.14.139> (255, '', 'Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [xx.xx.14.139]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
PLAY RECAP ******************************************************************************************************************************************************************************************
xx.xx.14.139 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
这里是库存文件内容
[linux]
xx.xx.14.139
[linux:vars]
ansible_user=root
ansible_password=testPassword
另外,我尝试 ansible_ssh_user / 密码,但它不起作用!
这是解决方案
我在 ssh 连接中启用了详细模式,我注意到发出的 SSH 请求不支持密码验证。
有 2 个 SSH 配置文件 /etc/ssh/sshd.conf 用于传入请求,/etc/ssh/ssh.cong 用于输出请求,因此我解决了来自输出请求配置文件的问题并启用密码身份验证。
之后,我为我的 apache ssh 文件(如密钥和已知主机文件)设置了权限。
之后,我在 laravel 中创建了一个命令,这样我就可以 运行 使用 root 用户和 Crond 创建我的 ansible 剧本。
我正在尝试构建一个 Web 应用程序来使用 ansible 管理我的服务器
现在我使用 Centos 7、PHP 7.4、Laravel 8 和 apache 来构建这个应用程序,并且我已经安装了 https://packagist.org/packages/asm/php-ansible composer 包以便在我的项目中使用 ansible。
这是我的代码:
$ansible = new Asm\Ansible\Ansible(
'/var/www/xxx/storage/ansible',
'',
''
);
$ansible->playbook()->play($myplaybookPath)->inventoryFile($myInventoryPath)->execute(function ($type, $buffer) {
if (Process::ERR === $type) {
echo 'ERR > '.$buffer ."<br/>";
} else {
echo 'OUT > '.$buffer."<br/>";
}
});
这是输出:
OUT > PLAY [install nano] ************************************************************
OUT > TASK [Gathering Facts] *********************************************************
OUT > fatal: [xx.xx.14.139]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
OUT > PLAY RECAP *********************************************************************
OUT > xx.xx.14.139 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
OUT >
库存文件中的用户名和密码是正确的,我测试了很多次,我也用一个非常简单的密码尝试了新服务器。
我 google 这个错误 host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password)." 我发现它是关于 authorized_keys 用户 运行 ssh
我在 /var/user/share/httpd/.ssh
买这个错误仍然存在,我不知道如何解决这个问题。
感谢帮助
更新
这与我的 Web 服务器配置无关,关于 Apache 和 PHP 的一切都没有问题。
我 运行 我直接从终端使用 ansible-playbook 我的 playbook:
ansible-playbook /var/www/xxx/storage/ansible/playbooks/install_nano -i /var/www/xxx/storage/ansible/inventories/testInventory -vvv
我遇到了同样的错误,我猜是关于 InventoryFile 中的 Auth 信息
ansible-playbook 2.9.25
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /var/www/xxx/storage/ansible/inventories/testInventory as it did not pass its verify_file() method
auto declined parsing /var/www/xxx/storage/ansible/inventories/testInventory as it did not pass its verify_file() method
Parsed /var/www/xxx/storage/ansible/inventories/testInventory inventory source with ini plugin
Skipping callback 'actionable', as we already have a stdout callback.
Skipping callback 'counter_enabled', as we already have a stdout callback.
Skipping callback 'debug', as we already have a stdout callback.
Skipping callback 'dense', as we already have a stdout callback.
Skipping callback 'dense', as we already have a stdout callback.
Skipping callback 'full_skip', as we already have a stdout callback.
Skipping callback 'json', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'null', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
Skipping callback 'selective', as we already have a stdout callback.
Skipping callback 'skippy', as we already have a stdout callback.
Skipping callback 'stderr', as we already have a stdout callback.
Skipping callback 'unixy', as we already have a stdout callback.
Skipping callback 'yaml', as we already have a stdout callback.
PLAYBOOK: install nano ******************************************************************************************************************************************************************************
1 plays in /var/www/xxx/storage/ansible/playbooks/install nano
PLAY [install nano] *********************************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************************
task path: /var/www/xxx/storage/ansible/playbooks/install nano:2
<xx.xx.14.139> ESTABLISH SSH CONNECTION FOR USER: root
<xx.xx.14.139> SSH: EXEC sshpass -d8 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/a7f10d151a xx.xx.14.139 '/bin/sh -c '"'"'echo ~root && sleep 0'"'"''
<xx.xx.14.139> (255, '', 'Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [xx.xx.14.139]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
PLAY RECAP ******************************************************************************************************************************************************************************************
xx.xx.14.139 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
这里是库存文件内容
[linux]
xx.xx.14.139
[linux:vars]
ansible_user=root
ansible_password=testPassword
另外,我尝试 ansible_ssh_user / 密码,但它不起作用!
这是解决方案
我在 ssh 连接中启用了详细模式,我注意到发出的 SSH 请求不支持密码验证。
有 2 个 SSH 配置文件 /etc/ssh/sshd.conf 用于传入请求,/etc/ssh/ssh.cong 用于输出请求,因此我解决了来自输出请求配置文件的问题并启用密码身份验证。
之后,我为我的 apache ssh 文件(如密钥和已知主机文件)设置了权限。
之后,我在 laravel 中创建了一个命令,这样我就可以 运行 使用 root 用户和 Crond 创建我的 ansible 剧本。