Giter VIP home page Giter VIP logo

Comments (7)

mhart avatar mhart commented on September 26, 2024

If you have to use ssh (you can't use https with Bitbucket?) – then yes, you should just be able to add the Bitbucket hosts to the known_hosts file. You won't need the github.com addresses in there (unless you want to keep them) – but all the other commands would be the same

from git-lambda-layer.

avatar commented on September 26, 2024

I was able to add the Bitbucket hosts to the known_hosts file, however, I still can't connect (using SSH). I replaced the private key with my own private key. and I'm getting this error:

Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights`

I have added the ssh key to bitbucket and I can't connect to ssh [email protected] using the ssh private key that I deploy to this layer.

Just in case you have an idea, here's the complete verbose ssh output:

I'll continue to investigate and will report back.

`OpenSSH_6.6.1, OpenSSL 1.0.1k-fips 8 Jan 2015
Pseudo-terminal will not be allocated because stdin is not a terminal.
debug2: ssh_connect: needpriv 0
debug1: Connecting to bitbucket.org [18.205.93.0] port 22.
debug1: Connection established.
debug1: SELinux support disabled
Could not create directory '/home/sbx_user1092/.ssh'.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/tmp/id_rsa" as a RSA1 public key
debug1: identity file /tmp/id_rsa type 1
debug1: identity file /tmp/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version conker_1.1.31-8625750 app-128
debug1: no match: conker_1.1.31-8625750 app-128
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "bitbucket.org" from file "/tmp/known_hosts"
debug3: load_hostkeys: found key type RSA in file /tmp/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss,ssh-rsa
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],arcfour256,arcfour128
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],arcfour256,arcfour128
debug2: kex_parse_kexinit: [email protected],hmac-sha2-256,hmac-sha1,hmac-sha1-96
debug2: kex_parse_kexinit: [email protected],hmac-sha2-256,hmac-sha1,hmac-sha1-96
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: setup [email protected]
debug1: kex: server->client aes128-ctr [email protected] none
debug2: mac_setup: setup [email protected]
debug1: kex: client->server aes128-ctr [email protected] none
debug1: kex: [email protected] need=32 dh_need=32
debug1: kex: [email protected] need=32 dh_need=32
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40
debug3: load_hostkeys: loading entries for host "bitbucket.org" from file "/tmp/known_hosts"
debug3: load_hostkeys: found key type RSA in file /tmp/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "18.205.93.0" from file "/tmp/known_hosts"
debug3: load_hostkeys: found key type RSA in file /tmp/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /tmp/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /tmp/id_rsa (0x55b6f8cf4a50), explicit
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /tmp/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp b7:15:20:ec:1c:aa:cb:d5:f1:42:0c:0e:b2:e3:8d:30
debug3: sign_and_send_pubkey: RSA b7:15:20:ec:1c:aa:cb:d5:f1:42:0c:0e:b2:e3:8d:30
debug1: key_parse_private2: no end marker
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
debug1: read_passphrase: can't open /dev/tty: No such file or directory
debug2: no passphrase given, try next key
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).

from git-lambda-layer.

mhart avatar mhart commented on September 26, 2024

There's something wrong with the key by the looks of it, this line is the error:

Could not load "/tmp/id_rsa" as a RSA1 public key

(You can ignore the Could not create directory '/home/sbx_user1092/.ssh'. warning)

from git-lambda-layer.

mhart avatar mhart commented on September 26, 2024

I suspect you haven't got the key formatted correctly. Instead of manipulating strings, you could try uploading the key with your lambda function (ie, in your zip file) – and then copy it to /tmp and change the permissions in your function. ie:

cp /var/task/id_rsa /tmp/id_rsa
chmod 400 /tmp/id_rsa

from git-lambda-layer.

mhart avatar mhart commented on September 26, 2024

(that's not necessarily a good long-term solution – it would be better to have your key in SSM or Secrets Manager – but just to debug the problem it might be useful)

from git-lambda-layer.

avatar commented on September 26, 2024

So I was getting the key from SSM and it was causing the issue. When I pasted it directly it worked. We can consider it closed! Thanks a bunch.

from git-lambda-layer.

mhart avatar mhart commented on September 26, 2024

Might be something to do with newlines in the string coming from SSM – can be tricky to upload multiline strings

from git-lambda-layer.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.