Added SSH key not used

ssh
nodejs

#1

I am trying to use an added ssk key to deploy files to a remote server using rsync. This worked under CircleCI 1.0, but the same key was not working after I tried to migrate our relatively simple config to 2.0. I’m using the add_ssh_keys command as described elsewhere, and I’ve tried generating a new key and adding through the CircleCI project settings to get the fingerprint. Using a node container, but not certain if that’s relevant.

What I’m observing in the build output is the fingerprint of the added key and the fingerprint of the key being used don’t match. I’m not certain if the specific key needs to be specified somewhere and, if it does, not sure how to do that.

Our .circleci/config.yml files looks like this:

version: 2

jobs:
  build:
    docker:
      - image: circleci/node:10-browsers-legacy

    branches:
      only:
        - develop

    steps:
      - checkout
      - run: sudo apt install rsync
      - run: npm set prefix=/home/circleci/npm && echo 'export PATH=$HOME/circleci/npm/bin:$PATH' >> /home/circleci/.bashrc
      - run: npm install webpack-cli -g
      - run: npm install
      - run: npm run build
      - add_ssh_keys:
          fingerprints:
            - "0a:7d:b4:no:tr:ea:ll:yt:he:ss:hf:in:ge:rp:ri:nt"
      - run: rsync -rvlz -e 'ssh -p 2222' --force dist/ sw someuser@ourdomain.com:/path/to/deployment/folder

#2

The problem is not with your key. The problem is that host key checking expects some input, but since this is running in CI there is no way to give it input.

I typically will just disable hostkeychecking. Something like this should work (note this is copy/pasted from another project, update the actual rsync command to do what you need it to do)

rsync -e "ssh -o StrictHostKeyChecking=no" -avz scripts/ $PROD_SERVER:/var/www/zadacha/scripts/

#3

Yes, that was the issue. Thanks @levlaz! Worked like a charm after suppressing the host key checking prompt.


#4

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.