我正在尝试用packer构建一个AWS AMI。这是我的包装商会议:
source "amazon-ebs" "base-alpine" {
assume_role {
role_arn = "arn:aws:iam::${var.aws_account_id}:role/admin-ci"
session_name = "packer"
}
source_ami_filter {
filters = {
virtualization-type = "hvm"
name = "alpine-3.15.0*"
root-device-type = "ebs"
}
owners = ["538276064493"]
most_recent = true
}
subnet_filter {
filters = {
"tag:Function" : "public"
"tag:Project" : "brain"
}
most_free = true
}
security_group_filter {
filters = {
"tag:Function" : "public"
"tag:Project" : "brain"
}
}
ami_name = "base-alpine"
instance_type = "t4g.medium"
region = "${var.aws_region}"
ssh_username = "alpine"
associate_public_ip_address = true
force_deregister = true
force_delete_snapshot = true
tags = {
Project = "brain"
Name = "base-alpine"
}
}
build {
sources = ["source.amazon-ebs.base-alpine"]
provisioner "file" {
source = "hostname.sh"
destination = "/tmp/hostname.sh"
}
provisioner "shell" {
valid_exit_codes = [0, 1]
inline = [
"doas apk -U upgrade"
]
}
}
我以前使用了完全相同的配置,但使用了不同的基础AMI,它运行得很好。
现在,在我更改了基础AMI之后,我收到了这个错误:
==> amazon-ebs.base-alpine: Error waiting for SSH: Packer experienced an authentication error when trying to connect via SSH. This can happen if your username/password are wrong. You may want to double-check your credentials as part of your debugging process. original error: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
有趣的是,我可以使用生成的ssh私钥将ssh发送到创建的Packer机器中,而不会出现任何问题。
你知道为什么会这样吗?或者建议更好的调试?
我发现我的packer版本默认不支持ED25519类型的密钥对,并且需要一个特定的参数才能工作。
region = "eu-west-2"
ssh_username = "ubuntu"
temporary_key_pair_type = "ed25519"
此处提供更多信息https://discuss.hashicorp.com/t/packer-unable-to-ssh-into-amazon-linux-2022/33519/2
我会把@Beevik的评论放在这里
AWS alpine 3.15云映像附带的openssh配置默认情况下似乎不支持RSA密钥。当packer客户端尝试通过ssh连接时,我在/var/log/messages中看到以下错误:;userauth_pubkey:密钥类型ssh-rsa不在PubkeyAcceptedAlgorithms中;。降级到高山3.14云图像对我来说很有效。
当在源中使用错误的ssh_username时,会发生此故障:
源";亚马逊ebs"somename";{。。。ssh_username=";这里有一个错误的名字";}对于amazonlinux,它是ec2用户,对于ubuntu-ubuntu