SSH connection to staging server refused


#1

I followed levlaz’s instructions from another post Scp using public key

What I typically do is:

Log into my server that I want CircleCI to deploy to as the user that is going to be doing the deployment (not root).
Run ssh-keygen
Copy ~/.ssh/id_rsa to the CircleCI web form
Copy ~/.ssh/id_rsa.pub to authorized_keys

I can ssh from my Macbook using the same private key that I copied to Circle CI UI form. Unfortunately,
Any ideas?

Here’s my config.yml:

version: 2
jobs:
  build:
    docker:
      - image: circleci/node:7.10-browsers
    working_directory: ~/ptg-ng

    steps:
      - run:
          name: copy to server
          command: ssh -o StrictHostKeyChecking=no -vvv user1@xxxxxx.xxxx.xx 'cd /my_folder'

Here’s the debug info:

#!/bin/bash -eo pipefail
ssh -o StrictHostKeyChecking=no -vvv user1@xxxxxxx.xxxx.xx 'cd /my_folder'
OpenSSH_6.7p1 Debian-5+deb8u3, OpenSSL 1.0.1t  3 May 2016

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

debug2: ssh_connect: needpriv 0

debug1: Connecting to xxxxxxx.xxxx.xx [xx.xx.xxx.xxx] port 22.

debug1: Connection established.

debug1: SELinux support disabled

debug1: key_load_public: No such file or directory

debug1: identity file /home/circleci/.ssh/id_rsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/circleci/.ssh/id_rsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/circleci/.ssh/id_dsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/circleci/.ssh/id_dsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/circleci/.ssh/id_ecdsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/circleci/.ssh/id_ecdsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/circleci/.ssh/id_ed25519 type -1

debug1: key_load_public: No such file or directory

debug1: identity file /home/circleci/.ssh/id_ed25519-cert type -1

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3

debug1: Remote protocol version 2.0, remote software version OpenSSH_7.1

debug1: match: OpenSSH_7.1 pat OpenSSH* compat 0x04000000

debug2: fd 3 setting O_NONBLOCK

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1

debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss

debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se

debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se

debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib

debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib

debug2: kex_parse_kexinit: 

debug2: kex_parse_kexinit: 

debug2: kex_parse_kexinit: first_kex_follows 0 

debug2: kex_parse_kexinit: reserved 0 

debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

debug2: kex_parse_kexinit: ecdsa-sha2-nistp256,ssh-rsa

debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com

debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com

debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1

debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1

debug2: kex_parse_kexinit: none,zlib@openssh.com

debug2: kex_parse_kexinit: none,zlib@openssh.com

debug2: kex_parse_kexinit: 

debug2: kex_parse_kexinit: 

debug2: kex_parse_kexinit: first_kex_follows 0 

debug2: kex_parse_kexinit: reserved 0 

debug2: mac_setup: setup umac-64-etm@openssh.com

debug1: kex: server->client aes128-ctr umac-64-etm@openssh.com none

debug2: mac_setup: setup umac-64-etm@openssh.com

debug1: kex: client->server aes128-ctr umac-64-etm@openssh.com none

debug1: sending SSH2_MSG_KEX_ECDH_INIT

debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

debug1: Server host key: ECDSA a5:20:57:5a:99:27:21:b8:3d:b5:da:87:52:xx:xx:xx

Warning: Permanently added 'xxxxxxx.xxxx.xx,yy.yy.yyy.yyy' (ECDSA) to the list of known hosts.

debug2: kex_derive_keys

debug2: set_newkeys: mode 1

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug2: set_newkeys: mode 0

debug1: SSH2_MSG_NEWKEYS received

debug1: SSH2_MSG_SERVICE_REQUEST sent

debug2: service_accept: ssh-userauth

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug2: key:  (0x5644af6126c0),

debug2: key:  (0x5644af611950),

debug2: key: /home/circleci/.ssh/id_rsa ((nil)),

debug2: key: /home/circleci/.ssh/id_dsa ((nil)),

debug2: key: /home/circleci/.ssh/id_ecdsa ((nil)),

debug2: key: /home/circleci/.ssh/id_ed25519 ((nil)),

debug1: Authentications that can continue: publickey,password

debug3: start over, passed a different list publickey,password

debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password

debug3: authmethod_lookup publickey

debug3: remaining preferred: keyboard-interactive,password

debug3: authmethod_is_enabled publickey

debug1: Next authentication method: publickey

debug1: Offering RSA public key: 

debug3: send_pubkey_test

debug2: we sent a publickey packet, wait for reply

debug1: Authentications that can continue: publickey,password

debug1: Offering RSA public key: 

debug3: send_pubkey_test

debug2: we sent a publickey packet, wait for reply

debug1: Server accepts key: pkalg ssh-rsa blen 279

debug2: input_userauth_pk_ok: fp 31:81:d0:58:02:03:da:ce:3c:3b:73:40:70:8d:xx:xx

debug3: sign_and_send_pubkey: RSA 31:81:d0:58:02:03:da:ce:3c:3b:73:40:70:8d:xx:xx

Connection closed by xx.xx.xxx.xxx

Exited with code 255

#2
version: 2
jobs:
  build:
    docker:
      - image: circleci/node:7.10-browsers
    working_directory: ~/ptg-ng

steps:
  - checkout
  - run:
      name: copy to server
      command: ssh -o StrictHostKeyChecking=no -vvv user1@xxxxxx.xxxx.xx 'cd /my_folder'

Try with this, I just added the checkout command that will copy into your docker enviroment the files of the commit has.


#3

Thank you.

I’ve tried with
- checkout

but it didn’t help.
Same output.


#4