Getting SSH to work too ambiguous to follow?


#1

I’m new to this whole CI thing. Plus CircleCI is the first I’m trying. I like the process, except the docs is just ambiguous to say the least.

I’m trying to make sense of this: https://circleci.com/docs/2.0/add-ssh-key/ in solving these steps I wanna accomplish

After building my angular app, I wanna have it pushed via scp to a droplet I have on DO

After everything, here’s my command to copy over:

- run: scp -r ./dist/app/* user@IP-Address:/home/user/pwa/app/

The response I get in the CI build logs is this:

ECDSA key fingerprint is ab:e4:...39:46:.....xx:xx:xx.
Are you sure you want to continue connecting (yes/no)? Step was canceled```

**What I've done**

Under project settings, I've added my private key:

![Screenshot%202018-10-25%2012%3A11%3A26|690x148](upload://4eTz1uS7PS7615hRdBLqmv2G4PF.png) 

Then my `config.yml` file, I've added this:

    - add_ssh_keys:
              fingerprints:
              - "ab:xxx:be"

Still was popping up that show stopper ssh confirm in the build logs, so I went ahead to log into CI via ssh, then `ssh-copy-id` the ssh details onto the destination server.

Unfortunately, still no success. That "Are you sure" confirmation still comes up:

Now, this doc is too vague: https://circleci.com/docs/2.0/add-ssh-key/

For example: 
> 5. In the  **Private Key**  field, paste the SSH key you are adding.

What private key?CI Image's, or Destination server's private key?

Assuming I guess one of these and add, then what? Am I done? What should I do next?

So back to my question, with the steps I've done above, that I still get that "Are you sure you want to continue connecting (yes/no)?", what's the solution?

Do I combine all methods: Add fingerprints (which fingerprints even, Destination Server's, or CCI's) after adding the private key?

I've read many, and combed the forums too. All bits and pieces, and nothing seems to be working for me. I just wanna scp stuff from CI to a VPS via SSH. I'm not trying to take over the world.

Will appreciate a much easy to follow, unambiguous guide on how to scp into a vps via ssh from the CI.

Thanks

#2

Hello,
When you added your SSH key, what did you enter as the host name? If you haven’t yet tried, try it with the hostname blank.


#3

I just tried a blank hostname field when adding the private key. Still asks for the add to

Are you sure you want to continue connecting (yes/no)?

Is there an option to confirm commands via the logs terminal in the browser?

This whole ssh is frustrating. I’ve tried all possible options I’ve read based on my understanding, yet none works so far.

Tried different things 2 days now. :thinking:


#4

One thing you might want to try is telling ssh not to check the host key:

scp -o StrictHostKeyChecking=no [the rest of your command]

Hope this helps,
David


#5

Were you ever able to sort this out? I’m stuck in the same spot and I’m running out of ideas.


#6

Would you let us know what you have done?

Basically you need to get your (private) deploy key onto the server using your CircleCI env vars. It helps also to create a known_hosts file by doing the process manually from the CI server (using SSH) and then committing that file into your repo (from where it can be copied into place). This last step makes @dsandersAzure’s advice redundant (and it is ideal not to turn off host checking anyway, for security reasons).


#7

I’ve made a post here.

Long story short, I’ve tried everything and I can not get past the server authenticity issue.

If I try using the StrictHostKeyChecking=no flag mentioned here I get an error that says Permission denied (publickey).

I currently have something like 12 SSH keys in my CircleCi settings for this project and nothing seems to be working.