Permission denied (publickey,password). rsync: connection unexpectedly closed - gitlab - linux

I created a GitLab server. When I want to deploy, I get this error message:
$ eval $(ssh-agent -s)
Agent pid 258
$ mkdir -p ~/.ssh
$ echo "$SSH_PRIVATE_KEY" >> ~/.ssh/id_dsa
$ chmod 600 ~/.ssh/id_dsa
$ echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
$ rsync -azlh -e 'ssh -p 5432' $CI_PROJECT_DIR/ root@*.**.***.****:/var/www/html/****.com/public_html/
Warning: Permanently added '[*.***.**.***]:5432' (ECDSA) to the list of known hosts.
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password).
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: unexplained error (code 255) at io.c(235) [sender=3.1.2]
Cleaning up file based variables
00:01
ERROR: Job failed: exit code 1
My server is Ubuntu.

If your GitLab server version is more recent than 11.0 (June 2018), keep in mind that id_dsa ('dsa', not 'rsa') is marked as "deprecated" in "GitLab and SSH keys" documentation:
See "Support for DSA SSH keys"
Due to published weakness in the ssh-dsa algorithm, we’ll wind down support for DSA SSH keys.
In 11.0, the default value for the DSA SSH keys setting is “Are forbidden”. This setting is located in the visibility and access controls section of the Settings admin panel.
This setting may be overridden if desired.
Beginning in 12.0, GitLab will always reject DSA SSH keys.
Planned removal date: June 22, 2018
It is best to create keys like:
ssh-keygen -t ed25519 -C "<comment>"
# or
ssh-keygen -t rsa -b 2048 -C "<comment>"

Related

Permission denied in Gitlab Runner

I have a GitLab runner running in a VPS; it is now facing this error:
Running on vps...
Getting source from Git repository
00:02
Fetching changes with git depth set to 50...
Reinitialized existing Git repository in /home/gitlab-runner/builds/-Jgf7oJG/0/agency/project/app/.git/
Checking out 67b23db2 as testing...
Removing .env
Skipping Git submodules setup
Executing "step_script" stage of the job script
00:00
$ mkdir -p ~/.ssh
$ echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
$ chmod 700 ~/.ssh/id_rsa
$ eval "$(ssh-agent -s)"
Agent pid 929369
$ ssh-add ~/.ssh/id_rsa
Identity added: /home/gitlab-runner/.ssh/id_rsa (/home/gitlab-runner/.ssh/id_rsa)
$ ssh-keyscan -H $SSH_HOST >> ~/.ssh/known_hosts
bash: line 133: /home/gitlab-runner/.ssh/known_hosts: Permission denied
Cleaning up file based variables
00:00
ERROR: Job failed: exit status 1
I've tried the following commands inside the VPS that has the runner:
$ sudo usermod -a -G sudo gitlab-runner
$ sudo visudo
And adding this to the bottom of the file.
gitlab-runner ALL=(ALL) NOPASSWD: ALL
Make sure that your known_hosts file has the following group & permissions:
-rw-r--r-- 1 gitlab-runner gitlab-runner 444 Aug 2 00:00 known_hosts
From the sshd manual:
~/.ssh/known_hosts
Contains a list of host keys for all hosts the user has logged into that are not already in the systemwide list of known host keys. The format of this file is described above. This file should be writable only by root/the owner and can, but need not be, world-readable.
chmod 600/644 for ~/.ssh/known_hosts

fatal: could not read Username for 'https://gitlab.com': No such device or address on gitlab

I am trying to push code with an automated deploy and pull process to the production server, but I got an error in the pipeline build process like this:
fatal: could not read Username for 'https://gitlab.com': No such device or address
Here is the .gitlab-ci.yml:
script:
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
- echo "$PRIVATE_KEY_STAGING" > ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- ssh -p22 ec2-user@$SERVER_STAGING "uname -a"
How do I log in to my server and pull my updated code using GitLab CI/CD?
Thanks in advance
Since you got it resolved, how about describing better here what you have done?
It may be more useful to the community than a simple
"solved, I use personal Access Token to pull my private repo"
😉

travis-ci - ssh-add asking for my passphrase

I am working on a continuous integration with Travis CI.
This is my configuration:
before_install:
- echo -e "Host *\n\tStrictHostKeyChecking no\n" > ~/.ssh/config
- echo -e $id_rsa.pub > ~/.ssh/id_rsa.pub
- echo -e $id_rsa > ~/.ssh/id_rsa
- sudo chmod 600 ~/.ssh/*
- sudo chmod 644 ~/.ssh/config
- eval `ssh-agent -s`
- ssh-add ~/.ssh/id_rsa
...
$ ssh-add ~/.ssh/id_rsa
Enter passphrase for /home/travis/.ssh/id_rsa:
On the ssh-add step, it asks me for the passphrase and it stops the deployment. I have tested with another ssh key without a passphrase, but it doesn't fix my issue.
I have tested a lot of solutions like yes $MY_PASSWORD | ssh-add ~/.ssh/id_rsa or echo "$MY_PASSWORD" | ssh-add ~/.ssh/id_rsa, but they don't work.
I have added to my .ssh/config (you can see it in my config):
Host *
StrictHostKeyChecking no
Isn't it supposed to make it not ask me for the passphrase?
Maybe someone has an idea?
Thanks :)
You are using an encrypted private key (which is good), but it needs the passphrase (which is bad for scripting). There are several ways you can proceed:
Remove the passphrase from the key and use it unencrypted (less secure)
ssh-keygen -p -P "old_passphrase" -N "" -f ~/.ssh/id_rsa
Use sshpass tool to unlock the key (storing the passphrase next to the key in the script basically defeats the security of encrypted key)
sshpass -p passphrase ssh-add ~/.ssh/id_rsa
I have resolved my problem.
I had different problems with the basic use of environment variables and echo.
My environment variable names were not good. "$id_rsa.pub" in Travis was interpreted as $id_rsa . ".pub", so it added some wrong characters to my content. I renamed it to id_rsa_pub.
I forgot to transform " " into "\ " and newlines into "\n"; with Travis and its environment variables, you must write "\\n" instead of just "\n".
My issue was partly because of bad ssh files, and partly because I used an RSA key with a password. In my case it's not important to have a password, so I deleted it.
For that I used the answer of jakuje. My ssh key is now installed correctly in each build.
Thank you for your help!
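The two pitfalls described in the post above (the "$id_rsa.pub" expansion and the lost newlines), reproduced as an added example that is not part of the original thread. The key text is a constructed placeholder, the function names are hypothetical, and the base64 variant is an alternative way to carry a multi-line key in a CI variable, not something the posters used.

```shell
#!/bin/sh
# Constructed placeholder in PEM shape; this is not real key material.
id_rsa='-----BEGIN OPENSSH PRIVATE KEY-----
CONSTRUCTED-PLACEHOLDER-NOT-A-KEY
-----END OPENSSH PRIVATE KEY-----'

# 1. A dot cannot be part of a variable name, so "$id_rsa.pub" is the value
#    of $id_rsa followed by the literal text ".pub". Shows the last line.
expand_dotted() { printf '%s' "$id_rsa.pub" | tail -n 1; }

# 2. Unquoted expansion is word-split: newlines become spaces and the
#    three-line PEM structure collapses into a single line.
write_unquoted() { echo $id_rsa > "$1"; }

# 3. Quoted printf keeps every line; umask 077 creates the file as 0600.
write_quoted() { ( umask 077; printf '%s\n' "$id_rsa" > "$1" ); }

# 4. Alternative: keep the key base64-encoded on one line in the CI variable
#    and decode it in the job, so no newline escaping is needed at all.
encode_for_ci() { printf '%s\n' "$id_rsa" | base64 | tr -d '\n'; }
write_from_b64() { ( umask 077; printf '%s' "$1" | base64 -d > "$2" ); }

line_count() { wc -l < "$1" | tr -d ' '; }

# Demo on a throwaway directory.
tmp=$(mktemp -d)
write_unquoted "$tmp/bad"
write_quoted "$tmp/good"
echo "dotted expansion ends with: $(expand_dotted)"
echo "unquoted: $(line_count "$tmp/bad") line(s), quoted: $(line_count "$tmp/good") line(s)"
rm -rf "$tmp"
```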

Vagrant rsync error: Error: Could not create directory '/home/Eric/.ssh'

I installed Vagrant 1.8.1 on Windows 10, as well as cygwin and cwRsync. Now I get this error when I do vagrant up:
There was an error when attempting to rsync a synced folder.
Please inspect the error message below for more info.
Host path: /cygdrive/m/development/Projects/www.webapp.local/
Guest path: /vagrant
Command: rsync --verbose --archive --delete -z --copy-links --chmod=ugo=rwX --no-perms --no-owner --no-group --rsync-path sudo rsync -e ssh -p 2222 -o ControlMaster=auto -o ControlPath=C:/Users/Eric/AppData/Local/Temp/ssh.202 -o ControlPersist=10m -o StrictHostKeyChecking=no -o IdentitiesOnly=true -o UserKnownHostsFile=/dev/null -i 'M:/development/Projects/www.webapp.local/.vagrant/machines/default/virtualbox/private_key' --exclude .vagrant/ /cygdrive/m/development/Projects/www.webapp.local/ vagrant@127.0.0.1:/vagrant
Error: Could not create directory '/home/Eric/.ssh'.
Warning: Permanently added '[127.0.0.1]:2222' (ECDSA) to the list of known hosts.
mm_receive_fd: no message header
process_mux_new_session: failed to receive fd 0 from slave
mux_client_request_session: read from master failed: Connection reset by peer
Failed to connect to new control master
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(226) [sender=3.1.2]
I already tried the suggestions in this post: http://ekawas.blogspot.co.uk/2007/03/solving-pesky-ssh-issues-in-cygwin.html
But no success.
For now I tried to use another Debian 8 box, and it surprised me that this box works the first time without the need to install rsync and cygwin separately, the way Vagrant should work in my opinion: install and set up without hassle. Also, syncing the /vagrant folder works in both directions.
I really don't understand why some boxes need the hassle of installing rsync and cygwin and doing hacks in Vagrant files while other boxes just work with the basic setup of Vagrant.
Well, I'm not a Vagrant expert, so maybe I am missing something here? Maybe someone can explain?
This seems to be a known issue with Vagrant >=1.8.0 and Windows hosts.
For the ones still struggling, remove the following code in $VAGRANT_HOME\embedded\gems\gems\vagrant-1.8.0\plugins\synced_folders\rsync\helper.rb (lines 77 to 79):
"-o ControlMaster=auto " +
"-o ControlPath=#{controlpath} " +
"-o ControlPersist=10m " +

Impossible to use rsync with Cygwin

Hi, I have installed Cygwin and I would like to use rsync, but I get this error:
Bad owner or permissions on /home/LUPI/.ssh/config
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at
/home/lapo/package/rsync-3.0.9-1/src/rsync-3.0.9/io.c(605) [sender=3.0.9]
I created the key with this command line:
ssh-keygen -t rsa -f ~/.ssh/id_rsa -C "userName"
and the keys are similar on the server and on my computer. How to resolve this?
This question should be on superuser or serverfault, and secondly this is an ssh permissions issue and NOT a rsync issue, but here is the solution:
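# ~/.ssh needs the owner's execute bit to stay traversable; the files in it are owner read/write only
chown -R $USER:users ~/.ssh/
chmod 700 ~/.ssh/
chmod 600 ~/.ssh/*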
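The ownership and mode rules from the known_hosts answer and from the "Bad owner or permissions" answer above, turned into one check that can run in a CI job before ssh or rsync is invoked. This is an added example, not code from either answer; the function names are hypothetical and private keys are assumed to be named id_* without a .pub suffix.

```shell
#!/bin/sh
# Audit an SSH client directory for the owner/mode problems discussed above.

mode_of() { ls -ldn "$1" | cut -c1-10; }          # e.g. -rw-r--r--
uid_of()  { ls -ldn "$1" | awk '{print $3}'; }    # numeric owner id

# Print one finding per line; return 0 when clean, 1 otherwise.
audit_ssh_dir() {
    dir=$1; bad=0; me=$(id -u)
    for f in "$dir" "$dir"/*; do
        [ -e "$f" ] || continue
        m=$(mode_of "$f")
        [ "$(uid_of "$f")" = "$me" ] || { echo "owner: $f is not owned by uid $me"; bad=1; }
        case "$f" in
            "$dir")
                # A directory set to 600 loses its x bit and cannot be traversed.
                case "$m" in drwx*) ;; *) echo "mode: $f ($m) needs owner rwx"; bad=1 ;; esac ;;
            *.pub) ;;
            */id_*)
                # ssh refuses a private key that group or others can access.
                case "$m" in ????------) ;; *) echo "mode: $f ($m) must be owner-only"; bad=1 ;; esac
                continue ;;
        esac
        # Directory, config, known_hosts, *.pub: writable by the owner only.
        case "$m" in
            ?????w????|????????w?) echo "mode: $f ($m) is group/world-writable"; bad=1 ;;
        esac
    done
    return "$bad"
}

# Constructed demo directory: the key and the config carry deliberately bad modes.
demo=$(mktemp -d)
: > "$demo/id_rsa"; : > "$demo/id_rsa.pub"; : > "$demo/config"; : > "$demo/known_hosts"
chmod 700 "$demo"
chmod 644 "$demo/id_rsa" "$demo/id_rsa.pub" "$demo/known_hosts"
chmod 664 "$demo/config"
audit_ssh_dir "$demo" || true
rm -rf "$demo"
```

Calling audit_ssh_dir ~/.ssh as the first step of a job makes a permissions problem fail with a named file instead of a generic rsync exit code.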
