尝试在 AWS Lambda 上使用 ProxyCommand 进行 ssh 操作,但失败了。我不确定为什么。我基本上是在做一个 git clone,它本来可以工作,但现在 git 服务器超出了跳转主机的范围。我在其他机器上也可以使用 git clone,但在 lambda 上我得到了(密钥和 ssh 配置文件写入了 /tmp 文件夹(也使用https://github.com/pimterry/lambda-git对于 git/ssh):
OpenSSH_7.4p1, OpenSSL 1.0.1k-fips 8 Jan 2015
debug1: Reading configuration data /tmp/ssh_config
debug1: /tmp/ssh_config line 16: Applying options for bitbucker_server
debug1: Executing proxy command: exec /tmp/git/usr/bin/ssh -vvv -F /tmp/ssh_config inter -W bitbucket_server:7999
debug1: permanently_drop_suid: 482
setresuid 482: Operation not permitted
debug1: identity file /tmp/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /tmp/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
ssh_exchange_identification: Connection closed by remote host
fatal: Could not read from remote repository.
我想知道它是否与 permanently_drop_suid 有关,因为该设置在 lambda 之外工作。
lambda 之外的相同操作......
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /tmp/ssh_config
debug1: /tmp/ssh_config line 15: Applying options for bitbucket_server
debug1: Executing proxy command: exec ssh -vvv inter -W bitbucket_server:7999
debug1: identity file /tmp/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /tmp/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: permanently_drop_suid: 501
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /home/user_name/.ssh/config
debug1: /home/user_name/.ssh/config line 7: Applying options for inter
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Executing proxy command: exec ssh -A jump -W bibucket_server:22
debug1: identity file /home/user_naem/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user_name/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user_name/.ssh/id_dsa type -1
.
.
.
有人吗?