SCP authenticity requires input, freezes build

HoverBaum · September 15, 2017, 9:38am

Hi all

I am aiming to copy a folder generated after tests passed to a server using SCP.
Got it set up with an SSH key and things coming from envrionment variables.

My config file looks like this:

# Javascript Node CircleCI 2.0 configuration file
#
# Check https://circleci.com/docs/2.0/language-javascript/ for more details
#
version: 2
jobs:
  build:
    docker:
      # specify the version you desire here
      - image: circleci/node:7.10

    working_directory: ~/repo

    steps:
      - checkout

      # Download and cache dependencies
      - restore_cache:
          keys:
          - v1-dependencies-{{ checksum "package.json" }}
          # fallback to using the latest cache if no exact match is found
          - v1-dependencies-

      - run: yarn install

      - save_cache:
          paths:
            - node_modules
          key: v1-dependencies-{{ checksum "package.json" }}
        
      # run tests!
      - run: yarn test
      - run: yarn run build
      - deploy: 
          name: Deploy master to dev Env
          command: |
              if [ "${CIRCLE_BRANCH}" == "master" ]; then
                  scp -r -P $SSH_PORT dist $SSH_USERNAME@$SSH_SERVER:html/movi-beta
              fi

My build never finishes running however because it says:

The authenticity of host '[ip]:port([ip]:port)' can't be established.
ED25519 key fingerprint is [fingerprint].
Are you sure you want to continue connecting (yes/no)?

On the forums I found the suggestion to add to known hosts, so I tries adding the following line but that didn’t help either.

echo '$SSH_SERVER ssh-rsa [fingerprint taken from above]' >> ~/.ssh/known_hosts

Any ideas how I can get this to work?

HoverBaum · September 15, 2017, 3:05pm

I fixed a first issue with the unknown host by changing the line to:

scp -r -o StrictHostKeyChecking=no -P $SSH_POST dist/* $SSH_USERNAME@$SSH_SERVER:html/movi-beta

Which simply tells scp to ignore the problem. Not the ideal solution but I will settle for working.

Now my trouble is that it is still not working. Am I using the environment variables I set up in the UI right here?

Because when I execute the exact same line with the values filled in on my machine I don’t have any issues

therazor · September 30, 2017, 10:13pm

Same issue here - I thought add_ssh_keys could help but it doesn’t.
Shouldn’t there be a way to provide all fingerprints in the SSH “add a project private key” section, along with host name?

ErisDS · March 18, 2018, 3:13pm

I struggled with this for hours and hours - CircleCI 1.0 doesn’t have this problem.

The solution that worked for me was, assuming you have an environment variable setup as per the OP:

- run: ssh-keyscan $SSH_SERVER >> ~/.ssh/known_hosts

It will only works it lives after -checkout as checkout seems to create the file.

Topic		Replies	Views
SSH issues Deployments ssh , keys , circle-yml , 2.0	1	3738	April 7, 2020
SSH can't establish authenticity of host, despite adding options, keys, known_hosts, etc Deployments circle-yml	4	7474	November 26, 2020
Authenticity of host can't be established. Are you sure you want to continue connecting (yes/no)? Build Environment	10	23711	January 22, 2019
Could not able to SSH/(SCP the file) into local machine from the circle Build Environment circle-yml	1	2813	October 19, 2021
The authenticity of github host can't be stablished Build Environment	4	16381	March 25, 2020

SCP authenticity requires input, freezes build

Related topics