如何在 terraform 中使用密码保护的私有 ssh 密钥？

Question

我正在关注本教程https://www.digitalocean.com/community/tutorials/how-to-use-ansible-with-terraform-for-configuration-management，学习 Terraform 和 Ansible。

当我执行terraform apply时，它会抛出一个错误：

digitalocean_droplet.web[2]: Provisioning with 'remote-exec'...

Error: Failed to parse ssh private key: ssh: this private key is passphrase protected

Error: Error creating droplet: POST https://api.digitalocean.com/v2/droplets: 422 Failed to resolve VPC

  on droplets.tf line 1, in resource "digitalocean_droplet" "web":
   1: resource "digitalocean_droplet" "web" {

这是代码：

  provisioner "remote-exec" {
    inline = ["sudo apt update", "sudo apt install python3 -y", "echo DONE!"]

    connection {
      host        = self.ipv4_address
      type        = "ssh"
      user        = "root"
      private_key = file(var.pvt_key)
    }
  }

我机器上的 SSH 私钥 (~/.ssh/id_rsa) 受密码保护。如何使用它？

Answer 1

您可以使用ssh-add ~/.ssh/id_rsa 将所需的ssh 密钥添加到ssh-agent，然后将连接节中的agent 字段设置为：

connection {
  host        = self.ipv4_address
  type        = "ssh"
  user        = "root"
  agent       = true
}