Create a spring cloud config server application
Create a maven project with following POM file
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-config-monitor</artifactId>
</dependency>
</dependencies>
Create main java class with required configuration as following:
@SpringBootApplication
@EnableConfigServer
public class ConfigServerApplication {
public static void main(String[] args) {
SpringApplication.run(ConfigServerApplication.class, args);
}
}
Generate a key pair
Then export the private key under OpenSSH format by Conversions -> Export OpenSSH key
Now you have two private keys and one public key:
- id_rsa
- id_rsa_openssh
- id_rsa.pub
Register the public key with git account
Copy the public key in file id_rsa.pub and add to Git server, e.g., Gitlab
Get the host key according to key pair
The host key is a key for one specified client (config service server in our case) that access to git server. You need to get this key when deploy this component to different server.
Use the following command:
ssh git-server.org
Then you will receive a question as following:
ECDSA key fingerprint is 1e:1a:24:a1:51:9e:b3:65:5c:1e:96:e3:35:e2:cb:bb. Are you sure you want to continue connecting (yes/no)?
After choosing yes, there will be one added entry in file .ssh/known_hosts indicate the host key for this server, it could like
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKGyq3I/rmrUrmB8yPFogHsrBK/2rN7+WrNJwbaYQgWiY/iK32RVnO7RwslBOEPoODOF8b4CmNUP+z1L0Mo41ik=
Update the config server application
Ignore the system system settings
spring:
cloud:
config:
server:
git:
uri: git@gitlabserver/config-repo.git
ignoreLocalSshSettings: true
Configure host key and private key
spring:
cloud:
config:
server:
git:
uri: git@gitlabserver/config-repo.git
ignoreLocalSshSettings: true
strictHostKeyChecking: false
host-key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKGyq3I/rmrUrmB8yPFogHsrBK/2rN7+WrNJwbaYQgWiY/iK32RVnO7RwslBOEPoODOF8b4CmNUP+z1L0Mo41ik=
hostKeyAlgorithm: ssh-rsa
clone-on-start: true
force-pull: true
basedir: ${user.home}/data/config-repo
privateKey: |
-----BEGIN RSA PRIVATE KEY-----
MIIEoQIBAAKCAQEAqVJhFzMZ1P+NnKBFBkOZa89qhNOVSyKazYaSFJc64LoEW/CD
pYBg2lVUL49njjq5RKqTjRhE4yWyqqafpbKLaRDejoY65roteGB9ilH059oUen9W
pDrhc9O0BqL9sfUptMI1Enhzo/kZLc1VKmU72croohTe6Rhlh5LjrACql2CLUm9k
pXzih1CH5UE2c7AiabkMbyAOsPp0Z/TZekXSvoIratxDtCKanNroIUTs+K51+eC6
Gx0eZ+UqPjMyRzBv7N+zW2NC+CNG2365W56c9afuYE9P9QYxACo6yt5BLB4EjeQN
zqicHXh6Irc1JLVsQhFRyCWNj/UmLgOy6eU6ZQIBJQKCAQBAEVUrX3GO3TyAc/5x
EqjBAl+n4VsVgrcdVYNhvK5+i5LyWwFhN36XzUJy3FCyW2iyMrRdYyD8AG0d+duK
ze+PiderjLxXTV1QJIKHXUfpBmidDZZnp5OTnDZHs0s8apoouC/BzLYiXkDg5ejf
m+0h+b/OoBz+QJUeiptV1r0Wrkf/AwtBGJSIOrDaduBE3YuE1avL/OKC3D5Dc5qZ
yzyML9oXmCamLIUt7SNbGOg0/2K9aL74LNoYCCHkQmjP+gwVFvXs0ON6AaOIXYbI
AK02wPsLnX7J/sZBkf+/0JV0xRbBv2dyE2UIbEXpzTHp/PFPK49v/3jxwk3dhSOk
T3I1AoGBAP1y92iavzuUMjHDTSoSOcxQ1i3FIyHj/RpPwW4B11c1vJaskcGeN2oF
cVjUiI6S7vHgJeuGj5hTQ7WcgQJC67NB0KabXszXvlABtfCKwHrKm5AqR1TcCe6m
a4x5PvBcQE7Mctzbl8Z8MaXyELcN6OskJdDct16LswHMLahNCvDrAoGBAKsGpswD
RdVB8PBy3nKG466C9098l3GXt0fTpnd0QxJfa6/JE9LMdYd5dtZuQ6+QikhJuEOW
8mpC1RsPlPZw5sFOwBUXShzwPA/M0Zt3JXz1xTRywywDJBHRBfgf03yti7B4QHr8
b9zmcdJGvwx1i3EV0876SwGp5TIGGr6zvy3vAoGAS1mH0v2SzIYBFbaaZnQfBWQj
/8T8m190wqIW6Vp+SlwVeOcyQHslOzIM8OU9WtG8qMYZHIHzVsylbVgKraUxUPfk
FdsqBYw/f5HOTm5wkzVQ19U3zR7ShThlKcMuYyJYTscpETpdjgk/MVXNnjSRWqnh
uqJ7tFMLtG0iVKFIcSMCgYEAhgwh3iwUI7A5YoOLwYxRlp4AG7SuDOyIu8GQT8nT
tHRNe/Cg1acrr18zoSX9sx5C3rZSJyNIYR+gHCD4NscxZxQ1r6p4W97i96CInHIk
TS9VYHWf5DnQKaPUPwQwI3ND+QRONuGIG9c2neRsOjKduX/PhozTAU3PULitLa96
KusCgYAtIHsoZ6Y5at1jtOICyhCnjxdBrvb60XJyqyG7uNLZERaRveNDE9axpNPV
ffhdWXxdDuXqpFi+Ci0jWxC/aWar4g9fWH3AITNM2t2HBDpEzfjICZx7GKqFeTEk
Rg3zqTBX6uSyR7JVwqZI04TOK3wWpRdCt67kjuWGnTclSS0ayg==
-----END RSA PRIVATE KEY-----
.:: KNOWL EDGE ::.
Why do documents make it look so easy but 4 years down the line the plumbing has changed, and now you just get obscure jgit exceptions.
Pingback: Git error: "Host Key Verification Failed" when connecting to remote repository