SSH Sharing
vagrant share通过向vagrant share提供--SSH标志,使远程SSH访问vagrant环境变得非常容易。
如果你想让同事访问你的SSH,以便对ops问题进行故障排除,那么简单的SSH共享是非常有用的。此外,如果你愿意,它还支持使用vagrant环境进行结对编程!
作为安全措施,SSH共享在默认情况下是禁用的。要启用SSH共享,只需在调用vagrant share时提供--SSH标志。
1.Usage使用
即运行vagrant share --ssh命令
当启用SSH共享时,Vagrant为SSH访问生成一个全新的密钥对。公钥部分自动插入到vagrant中,私钥部分提供给连接到vagrant share的用户。此私钥使用将提示你输入密码进行加密。这个密码永远不会通过vagrant在网络上传输,它是一个额外的安全层,可以防止任何可能知道你的共享名的人轻易访问你的计算机。
当你运行vagrant share --ssh命令后,它将输出你共享的名字
userdeMBP:~ user$ vagrant share --ssh Vagrant Share now defaults to using the `ngrok` driver. The `classic` driver has been deprecated. For more information about the `ngrok` driver, please refer to the documentation: https://www.vagrantup.com/docs/share/ ==> default: Detecting network information for machine... default: Local machine address: 127.0.0.1 default: default: Note: With the local address (127.0.0.1), Vagrant Share can only default: share any ports you have forwarded. Assign an IP or address to your default: machine to expose all TCP ports. Consult the documentation default: for your provider ('virtualbox') for more information. default: default: An HTTP port couldn't be detected! Since SSH is enabled, this is default: not an error. If you want to share both SSH and HTTP, please set default: an HTTP port with `--http`. default: ==> default: Generating new SSH key... default: Please enter a password to encrypt the key: //输入密码 default: Repeat the password to confirm: /Users/user/.vagrant.d/gems/2.4.4/gems/vagrant-share-1.1.9/lib/vagrant-share/activate.rb:590: warning: constant OpenSSL::Cipher::Cipher is deprecated default: Inserting generated SSH key into machine... default: Local HTTP port: disabled default: Local HTTPS port: disabled default: SSH Port: 2222 default: Port: 2222 ==> default: Creating Vagrant Share session... share: Box 'hashicorp/vagrant-share' could not be found. Attempting to find and install... share: Box Provider: virtualbox share: Box Version: >= 0 share: Loading metadata for box 'hashicorp/vagrant-share' share: URL: https://vagrantcloud.com/hashicorp/vagrant-share share: Adding box 'hashicorp/vagrant-share' (v0.1.0) for provider: virtualbox share: Downloading: https://vagrantcloud.com/hashicorp/boxes/vagrant-share/versions/0.1.0/providers/virtualbox.box share: Download redirected to host: s3.amazonaws.com share: Successfully added box 'hashicorp/vagrant-share' (v0.1.0) for 'virtualbox'! //默认打开的是该虚拟机,进行下载即配置 share: Importing base box 'hashicorp/vagrant-share'... share: Matching MAC address for NAT networking... share: Setting the name of the VM: share-0524aac2-590a-4caf-af81-0fb8f5025e88 share: Fixed port collision for 22 => 2222. Now on port 2200. share: Vagrant has detected a configuration issue which exposes a share: vulnerability with the installed version of VirtualBox. The share: current guest is configured to use an E1000 NIC type for a share: network adapter which is vulnerable in this version of VirtualBox. share: Ensure the guest is trusted to use this configuration or update share: the NIC type using one of the methods below: share: share: https://www.vagrantup.com/docs/virtualbox/configuration.html#default-nic-type share: https://www.vagrantup.com/docs/virtualbox/networking.html#virtualbox-nic-type share: Clearing any previously set network interfaces... share: Preparing network interfaces based on configuration... share: Adapter 1: nat share: Forwarding ports... share: 31338 (guest) => 65535 (host) (adapter 1) share: 22 (guest) => 2200 (host) (adapter 1) share: Running 'pre-boot' VM customizations... share: Booting VM... share: Waiting for machine to boot. This may take a few minutes... share: SSH address: 127.0.0.1:2200 share: SSH username: tc share: SSH auth method: password share: share: Inserting generated public key within guest... share: Removing insecure key from the guest if it's present... share: Key inserted! Disconnecting and reconnecting using new SSH key... share: Machine booted and ready! ==> share: Halting Vagrant share! ==> share: TCP tunnels are only available after you sign up. //失败的原因是我没有在ngrox上注册或者是没有添加授权码 ==> share: Sign up at: https://ngrok.com/signup ==> share: ==> share: If you have already signed up, make sure your authtoken is installed. ==> share: Your authtoken is available on your dashboard: https://dashboard.ngrok.com ==> share: ==> share: ERR_NGROK_302 ==> share: Forcing shutdown of VM... ==> share: Destroying VM and associated drives...
我已经使用GitHub的账户登录了ngrox官网,那么就是还没有授权的原因,到该网址https://dashboard.ngrok.com查看你自己的授权码:
然后运行命令./ngrok authtoken 授权码 来进行授权
userdeMBP:~ user$ ./ngrok authtoken 我的授权码DMcU
Authtoken saved to configuration file: /Users/user/.ngrok2/ngrok.yml
然后再运行一次,果然就成功了:
userdeMBP:~ user$ vagrant share --ssh Vagrant Share now defaults to using the `ngrok` driver. The `classic` driver has been deprecated. For more information about the `ngrok` driver, please refer to the documentation: https://www.vagrantup.com/docs/share/ ==> default: Detecting network information for machine... default: Local machine address: 127.0.0.1 default: default: Note: With the local address (127.0.0.1), Vagrant Share can only default: share any ports you have forwarded. Assign an IP or address to your default: machine to expose all TCP ports. Consult the documentation default: for your provider ('virtualbox') for more information. default: default: An HTTP port couldn't be detected! Since SSH is enabled, this is default: not an error. If you want to share both SSH and HTTP, please set default: an HTTP port with `--http`. default: ==> default: Generating new SSH key... default: Please enter a password to encrypt the key: //设置你的密码 default: Repeat the password to confirm: /Users/user/.vagrant.d/gems/2.4.4/gems/vagrant-share-1.1.9/lib/vagrant-share/activate.rb:590: warning: constant OpenSSL::Cipher::Cipher is deprecated default: Inserting generated SSH key into machine... default: Local HTTP port: disabled default: Local HTTPS port: disabled default: SSH Port: 2222 default: Port: 2222 ==> default: Creating Vagrant Share session... share: Importing base box 'hashicorp/vagrant-share'... share: Matching MAC address for NAT networking... share: Setting the name of the VM: share-93a8bbdb-abd3-4499-ac8d-bae03a558ada share: Fixed port collision for 22 => 2222. Now on port 2200. share: Vagrant has detected a configuration issue which exposes a share: vulnerability with the installed version of VirtualBox. The share: current guest is configured to use an E1000 NIC type for a share: network adapter which is vulnerable in this version of VirtualBox. share: Ensure the guest is trusted to use this configuration or update share: the NIC type using one of the methods below: share: share: https://www.vagrantup.com/docs/virtualbox/configuration.html#default-nic-type share: https://www.vagrantup.com/docs/virtualbox/networking.html#virtualbox-nic-type share: Clearing any previously set network interfaces... share: Preparing network interfaces based on configuration... share: Adapter 1: nat share: Forwarding ports... share: 31338 (guest) => 65535 (host) (adapter 1) share: 22 (guest) => 2200 (host) (adapter 1) share: Running 'pre-boot' VM customizations... share: Booting VM... share: Waiting for machine to boot. This may take a few minutes... share: SSH address: 127.0.0.1:2200 share: SSH username: tc share: SSH auth method: password share: share: Inserting generated public key within guest... share: Removing insecure key from the guest if it's present... share: Key inserted! Disconnecting and reconnecting using new SSH key... share: Machine booted and ready! ==> share: ==> share: Your Vagrant Share is running! Name: budget_status:chapter_insect ==> share: ==> share: You're sharing with SSH access. This means that another can SSH to ==> share: your Vagrant machine by running: ==> share: ==> share: vagrant connect --ssh budget_status:chapter_insect //这就是时候连接该共享时使用的名称 ==> share:
然后任何人都可以通过运行vagrant connect --ssh 名称(其中名称是前面运行vagrant share --ssh命令输出的共享的名称)直接连接到你的vagrant环境。
$ vagrant connect --ssh budget_status:chapter_insect
如果私钥已加密(默认行为),则会提示连接的人输入解密私钥的密码。
同时,可以看见virtualBox果然新打开了一个虚拟机:
当使用ctrl-C关闭vagrant share时,该虚拟机机器相关的驱动都会自动关闭并删除:
^C==> share: Halting Vagrant share!
==> share: Forcing shutdown of VM...
==> share: Destroying VM and associated drives...