git module with ssh

[Aaron Bassett]

Hi, I'm trying to use the ansible and the git module to build a deployment tool for some python code. My git repos are stored on a box we access with ssh keys. I cannot figure out how to get the git module to use my ssh key to access the repo. Currently I'm trying to keep it simple using a simple play with connection:local, but it seems my key is being lost somewhere along the way because I'm getting "Permission denied (publickey).\r\nfatal: The remote end hung up unexpectedly\n." I can run the git command just fine, but ansible can't.

[Michael DeHaan]

It does not presently know how to invoke SSH agent an encrypted key.  Patches would be accepted to add a key and password param to the git module.

-- Michael

On Oct 17, 2012, at 2:28 PM, Aaron Bassett <abas...@gmail.com> wrote:

Hi, I'm trying to use the ansible and the git module to build a deployment tool for some python code. My git repos are stored on a box we access with ssh keys. I cannot figure out how to get the git module to use my ssh key to access the repo. Currently I'm trying to keep it simple using a simple play with connection:local, but it seems my key is being lost somewhere along the way because I'm getting "Permission denied (publickey).\r\nfatal: The remote end hung up unexpectedly\n." I can run the git command just fine, but ansible can't.

--
 
 

[Aaron Bassett]

Mmm I would patch it but it looks like there's no easy way to tell git which key to use. Easier to just set up your .ssh/config for it as per here: http://superuser.com/questions/232373/tell-git-which-private-key-to-use

[Lorin Hochstein]

On Oct 17, 2012, at 11:28 AM, Aaron Bassett <abas...@gmail.com> wrote:

Hi, I'm trying to use the ansible and the git module to build a deployment tool for some python code. My git repos are stored on a box we access with ssh keys. I cannot figure out how to get the git module to use my ssh key to access the repo. Currently I'm trying to keep it simple using a simple play with connection:local, but it seems my key is being lost somewhere along the way because I'm getting "Permission denied (publickey).\r\nfatal: The remote end hung up unexpectedly\n." I can run the git command just fine, but ansible can't.

--
  

We deal with this by using connection=ssh (native ssh connection) with agent forwarding enabled. You'll need to have ssh-agent running on your local machine and add the key using ssh-add.

To enable agent forwarding in ssh, add the following line in your .ssh/config file: 

ForwardAgent yes

Take care,

Lorin

--

Lorin Hochstein

Lead Architect - Cloud Services

Nimbis Services, Inc.

www.nimbisservices.com

[Michael DeHaan]

I still like the idea of adding it to the module.  No bootstrapping, far easier... Maybe also do username plus password...

-- Michael

[Stijn Opheide]

Hi Xianzhe,

are you sudoing through your playbook? if so, you'll need to setup /etc/sudoers to keep your SSH_AUTH_SOCK environment variable.

cheers,

Stijn.

-- 

Stijn Opheide

On Monday 5 November 2012 at 10:40, Xianzhe Liang wrote:

Hi, so anyone has some updates for this issue?

I still cann't make git module working. I set up ForwardAgent yes in ~/.ssh/config and use ansible with connection=ssh, but still got the Permission denied. Meanwhile, when I manually ssh to my server, I can do git clone. Any suggestion here?

Thanks!

Xianzhe

--
 
 

[Xianzhe Liang]

Hi Stijn, Thanks for the quick reply. Yes, adding SSH_AUTH_SOCK makes it work!

Best,
Xianzhe

--
 
 

--
---------------------------------------------
Xianzhe Liang
Information Networking Institute
Carnegie Mellon University
Pittsburgh, 15213 PA