How to connect from gitlab ci to a remote server?

D

droit1742020-09-01 14:37:21

Continuous Integration

droit174, 2020-09-01 14:37:21

I repeat the example from the documentation here https://docs.gitlab.com/ee/ci/ssh_keys/README.html...

on a remote server copied id_rsa into the SSH_PRIVATE_KEY variable on gitlab

my .gitlab-ci.yml

stages:
  - build
build stage:
  image: node:10.15.0-stretch
  stage: build
  only:
    - master
  script:
    - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
    - eval $(ssh-agent -s)
    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    - ssh ****@**** ls

logs

....
$ command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )
$ eval $(ssh-agent -s)
Agent pid 11
$ echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
Identity added: (stdin) ((stdin))
$ mkdir -p ~/.ssh
$ chmod 700 ~/.ssh
$ ssh ****@**** ls
Host key verification failed.
ERROR: Job failed: exit code 1

Tell me how to connect to a remote server?
Or maybe a description of how to connect?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

SlavikF, 2020-09-01
@SlavikF

The message "Host key verification failed." says that it doesn’t get to check the user’s key (SSH_PRIVATE_KEY), because everything slows down to check the server’s fingerprint (SSH_KNOWN_HOSTS)
In the same article it says what to do with this:
https://docs.gitlab.com /ee/ci/ssh_keys/README.html...
Another option is to ignore the host fingerprint:
ssh -o StrictHostKeyChecking=no ****@**** ls
But this is not secure - you can get to MITM.