SCP authenticity requires input, freezes build

circle.yml

#1

Hi all :slight_smile:

I am aiming to copy a folder generated after tests passed to a server using SCP.
Got it set up with an SSH key and things coming from envrionment variables.

My config file looks like this:

# Javascript Node CircleCI 2.0 configuration file
#
# Check https://circleci.com/docs/2.0/language-javascript/ for more details
#
version: 2
jobs:
  build:
    docker:
      # specify the version you desire here
      - image: circleci/node:7.10

    working_directory: ~/repo

    steps:
      - checkout

      # Download and cache dependencies
      - restore_cache:
          keys:
          - v1-dependencies-{{ checksum "package.json" }}
          # fallback to using the latest cache if no exact match is found
          - v1-dependencies-

      - run: yarn install

      - save_cache:
          paths:
            - node_modules
          key: v1-dependencies-{{ checksum "package.json" }}
        
      # run tests!
      - run: yarn test
      - run: yarn run build
      - deploy: 
          name: Deploy master to dev Env
          command: |
              if [ "${CIRCLE_BRANCH}" == "master" ]; then
                  scp -r -P $SSH_PORT dist $SSH_USERNAME@$SSH_SERVER:html/movi-beta
              fi

My build never finishes running however because it says:

The authenticity of host '[ip]:port([ip]:port)' can't be established.
ED25519 key fingerprint is [fingerprint].
Are you sure you want to continue connecting (yes/no)?

On the forums I found the suggestion to add to known hosts, so I tries adding the following line but that didn’t help either.

echo '$SSH_SERVER ssh-rsa [fingerprint taken from above]' >> ~/.ssh/known_hosts

Any ideas how I can get this to work?


#2

I fixed a first issue with the unknown host by changing the line to:

scp -r -o StrictHostKeyChecking=no -P $SSH_POST dist/* $SSH_USERNAME@$SSH_SERVER:html/movi-beta

Which simply tells scp to ignore the problem. Not the ideal solution but I will settle for working.

Now my trouble is that it is still not working. Am I using the environment variables I set up in the UI right here?

Because when I execute the exact same line with the values filled in on my machine I don’t have any issues :confused:


#3

Same issue here - I thought add_ssh_keys could help but it doesn’t.
Shouldn’t there be a way to provide all fingerprints in the SSH “add a project private key” section, along with host name?


How to deploy to Digital Ocean?
#4

I struggled with this for hours and hours - CircleCI 1.0 doesn’t have this problem.

The solution that worked for me was, assuming you have an environment variable setup as per the OP:

- run: ssh-keyscan $SSH_SERVER >> ~/.ssh/known_hosts

It will only works it lives after -checkout as checkout seems to create the file.


#5