Packer 在配置步骤中无法正确使用私钥进行 SSH 身份验证

我使用 Packer 构建 VirtualBox 映像，并使用 Ansible 配置程序设置映像。构建器步骤创建一个临时用户（ssh_username和ssh_password）。Ansible 配置程序使用此临时用户运行。当然，我希望在设置更安全的仅公钥用户后摆脱此用户。因此，我添加了第二个 Ansible 配置步骤，以安全用户身份连接并删除不安全用户。或者至少这是计划。但是，使用此方法，Ansible 通过打包器无法真正连接到虚拟机。

以下是 packer.json 文件的相关部分：

"provisioners": [
    {
        "type": "ansible",
        "playbook_file": "playbooks/image/image.yml",
        "groups": [
            "{{user `ansible_group`}}"
        ],
        "user": "vagrant",
        "extra_arguments": [
            "--vault-password-file", "scripts/get-vault-password.sh",
            "-e", "global_configuration_user={{user `configuration_user`}}",
            "-e", "global_deployment_user={{user `deployment_user`}}",
            "-e", "ansible_ssh_pass=vagrant",
            "-vvvvv"
        ]
    },
    {
        "type": "ansible",
        "playbook_file": "playbooks/image/removeVagrant.yml",
        "groups": [
            "{{user `ansible_group`}}"
        ],
        "user": "{{user `configuration_user`}}",
        "extra_arguments": [
            "--vault-password-file", "scripts/get-vault-password.sh",
            "-e", "global_configuration_user={{user `configuration_user`}}",
            "-e", "global_deployment_user={{user `deployment_user`}}",
            "-e", "ansible_ssh_private_key_file=~/.ssh/id_{{user `configuration_user`}}_rsa",
            "-vvvvv"
        ]
    }
],

第一个配置步骤没有问题。第二个步骤因权限被拒绝而失败。Ansible 正在尝试执行以下 SSH 命令：

ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o Port=37947 -o 'IdentityFile="/home/redacted/.ssh/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=redacted -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ControlPath=/home/redacted/.ansible/cp/ansible-ssh-%h-%p-%r 127.0.0.1 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1491233126.24-276699777493633 `" && echo ansible-tmp-1491233126.24-276699777493633="` echo ~/.ansible/tmp/ansible-tmp-1491233126.24-276699777493633 `" ) && sleep 0'"'"''

SSH 调试输出的相关部分是：

debug1: SSH2_MSG_NEWKEYS received
debug2: key: /home/redacted/.ssh/id_rsa, explicit, agent
debug2: key: redacted
debug2: key: redacted
debug2: key: redacted
debug2: key: redacted
debug2: key: redacted
debug2: key: redacted
debug2: key: redacted
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-with-mic,gssapi-keyex,hostbased,publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred: ,gssapi-keyex,hostbased,publickey
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/redacted/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: key2
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51

然后它继续尝试我.ssh目录中的其余密钥，当然，这些密钥都失败了。第一个密钥，即请求的密钥，已经失败了。

我运行 Packer-on-error=abort以便它可以让虚拟机保持运行。我尝试使用相同的命令进行 SSH 连接，但出现连接被拒绝错误。我发现，原因是它试图连接到 Packer 设置的 SSH 代理端口。因此，我使用在 Virtualbox VM 上设置的实际转发端口，SSH 连接成功。因此，问题似乎出在 SSH 代理上。但是，我不确定如何让它正常运行。

我也尝试使用ssh_authorized_key_file选项（https://www.packer.io/docs/provisioners/ansible.html) 在我的 Ansible 配置器 Packer 配置中。在这种情况下，我收到一个 Packer 错误，提示无法解析授权密钥（源代码在这里：https://github.com/bhcleek/packer-provisioner-ansible/blob/master/provisioner/ansible/provisioner.go)。它没有告诉我问题是什么。SSH 库的 Go 文档说这是标准的 SSH 密钥文件格式。或者这是我对它的最佳解释（https://godoc.org/golang.org/x/crypto/ssh#ParseAuthorizedKey）。