Having vagrant provisioning clone a repository,

sshvagrantvirtualbox

I'm trying to build an environment that when it finishes bringing the VM up it clones a repository into the share directory. The problem is that the box doesn't have SSH permission on the remote repository.

I have a simple bash script:

#!/bin/bash
cd /vagrant
if [ ! -d "repo" ]; then
  git clone git@remoterepo.com:/my/repo.git
end

I get the error:

Host key verification failed.

fatal: The remote end hung up unexpectedly

Which makes sense since there is no keys in /home/vagrant/.ssh

I've done a fair bit of googling to no avail, I've tried to set config.ssh.forward_agent = true which allows me to manually clone the repo when I'm ssh'ed into the machine but not when it tries to run itself. I've also tried to specify config.ssh.private_ssh_key = "~/.ssh/id_rsa" but then vagrant simply won't finish loading (I assume the application can't ssh into the box).

So my question is… Do I need to rebuild my base box to include a set of keys and authorize those keys with my remote repo? Or is there an easier solution I'm missing?

note: I've looked at SSH Basics on Vagrant VMs which seem similar but I think this is more about setting up a different user on the box and the solution posted is much more manual than I'd like.

Best Answer

The temporary solution for me was to generate a set of keys and place them in the same directory as the Vagrantfile, then when provisioning I copy the keys over into /root/.ssh/ . There was one small hitch with this and that was that I also had to generate a known_hosts file in order for the VM to accept the connection from the remote server. The known_hosts file also resides in the /vagrant/.ssh/ dir and gets copied over with the keys and everything is now working.

Eventually when I'm not trying to upload a 1GB box to my file host over spotty wi-fi the real solution will be to include these files in the basebox permanently.

Related Solutions

Git permission denied (public key) error

Have you tried creating a new SSH certificate, i.e. key pair?

1 Generate default key pair:

$ ssh-keygen -t rsa -C "defaultuser@gmail.com"

Don't use this if you already have an SSH certificate.

2 Generate additional key pairs:

$ ssh-keygen -t rsa -C "seconduser@gmail.com"

3 Add non-default keys

$ ssh-add ~/.ssh/id_rsa_seconduser
Enter passphrase for /Users/defaultuser/.ssh/id_rsa_seconduser: 
Identity added: /Users/defaultuser/.ssh/id_rsa_defaultuser  (/Users/defaultuser/.ssh/id_rsa_defaultuser)

4 Set SSH configuration file (~/.ssh/config) so SSH knows which key to be used for which server:

Host github.com
  HostName github.com
  User git
  IdentityFile /Users/XXXUser/.ssh/id_rsa

Host github-client
  HostName github.com
  User git
  IdentityFile /Users/XXXUser/.ssh/id_rsa_XXXSECONDUSER

5 Make sure in the .git/config file for the Git project associated with the second user account at Github that you are using correct host name github-client but not github.com:

[remote "origin"]
    fetch = +refs/heads/*:refs/remotes/origin/*
    url = git@github-client:foobarsomeuser/foobar.git

SSH Basics on Vagrant VMs

I am adding this solution for anyone who comes to this thread:

First open this file on the host machine:

$ sudo vim ~/.vagrant.d/boxes/<yourbox>/include/_Vagrantfile

Verify that config.ssh.private_key_path is set to your private key file. If not update that

ssh to vagrant box with default pwd

$ vagrant ssh (default pwd = ‘vagrant’]

Once in the box:

vagrant@lucid64:~$ sudo visudo -f .ssh/authorized_keys

Add your public key to this file and save the file, and exit the box

vagrant@lucid64:~$ exit

Back to the local machine

$ vagrant halt
$ vagrant up

This worked for me

Best Answer

Related Solutions

Git permission denied (public key) error

SSH Basics on Vagrant VMs

Related Question