I created a dockerfile which generates the docker image with my node application. My application depends on my another application which is added as dependency using git ssh.
When docker build runs npm install, it fails with error code 128. I understand it is because i do not have valid ssh token to access repo. How can i create one and have my docker build pass?
You can use ssh-keygen -t rsa to generate your local machine's key (do not provide any passcode for simplicity) that can be used for authentication. Now adding that key for git access depends on where your repository is i.e is it on hosted sites like bitbucket/github or just your another linux machine.
For repository on local server run below commands on your local machine to add your public key (id_rsa.pub) to git server.
eval "$(ssh-agent -s)"
ssh-add
ssh-copy-id user#git-server
For hosted sites you get the option to add the public-key under your profile settings.
Note: do not forget to add below in ~/.ssh/config file on your local machine to avoid the unknown host exception
Host bitbucket.org
StrictHostKeyChecking no
Host <git-server-ip>
StrictHostKeyChecking no
For more information on generating key please refer to https://confluence.atlassian.com/bitbucketserver/creating-ssh-keys-776639788.html
Related
i am setting up docker context like described here and cofigured the ssh key and the context. Unfortunately I keep getting an error from docker while i'm in the new context:
docker context use myhostcontext
docker ps
error during connect: Get "http://docker.example.com/v1.24/containers/json": command [ssh -l user -- myhost docker system dial-stdio] has exited with exit status 255, please make sure the URL is valid, and Docker 18.09 or later is installed on the remote host: stderr=ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory
Host key verification failed.
Suprisingly when i ssh into user#myhost the connection is established as it should be.
ssh -vv user#myhost shows that it uses the given key in ~/.ssh/config
Additional Info:
Platform: Ubuntu 20.04
Docker: 20.10.23
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f 31 Mar 2020
Here is what i've done:
I've created a docker context with
docker context create myhostcontext --docker "host=ssh://user#myhost"
I also created a new ssh keypair with ssh-keygen (tried with rsa and ecdsa),
executed ssh-add /path/to/key and ssh-copy-id -i /path/to/key user#myhost
I tried with using "id_rsa" as keyname as well as "myhost" to make sure its not just a default naming problem.
Looking at several instructions (e.g. This question) unfortunately did not help. I also checked the authorized_keys on the remote host and the public key on my local machine, they match.
My ~/.ssh/config looks like this
Host myhost
HostName myhost
User user
StrictHostKeyChecking no
IdentityFile ~/.ssh/myhost
Also removing entries from known_host did not help.
Using the remote hosts IP instead of its name did not help either.
Installing ssh-askpass just shows me, that the authenticity could not be established (default message when using ssh on a host for the first time). Since I later want to use docker context in a CI/CD environment i don't want to have any non-cli stuff.
The only other possible "issue" that comes to my mind is that the user of the remote host is different that the one i am using on the client. But - if understood correctly - that should not be an issue and also i would not know how to manage that.
Any help or suggestion is highly appreciated, since I am struggling with this for days.
Thanks in advance :)
I have generated a pubic SSH key on my Ubuntu 20.04 server with the user Jenkins, and my key is stored below :
/var/lib/jenkins/.ssh/id_rsa.pub
I have set that public Key on my Gitlab SSH parameters, And I had also create a Credentials in Jenkins for SSH Private key, where i pasted the private key i had generate for my Jenkin's user in linux 20.04 remote server.
When i try to clone the projet using SSH, i get the error :
Failed to connect to repository : Error performing git command: /usr/lib/git-core ls-remote -h git#gitlab.com:project/repository.git HEAD*
Need a helping hand to solve this problem.
enter image description here
First, check that your key is indeed considered when doing ssh with the jenkins account:
ssh -Tv git#gitlab.com
You will see where SSH is looking for your keys, and if /var/lib/jenkins/.ssh/id_rsa is used.
You should see a welcome message.
Second, Check the Jenkins logs to see if there is any additional clues.
You might need to use an SSH key using the old PEM format:
ssh-keygen -m PEM -t rsa -P "" -f afile
I am currently setting up a virtual machine for my company's testing environment in vagrant. Of course, this machine needs to be able to pull from our github repositories. This should be achieved using the host machine's ssh keys. I have already set
config.ssh.forward_agent = true
in my vagrantfile, and connecting to github works fine in the vagrant user. However, since that machine needs to run jenkins, this needs to work for the jenkins user as well. Running ssh-add as jenkins does not add the host's key, though.
I found several semi-related discussions here on stackoverflow and on superuser, but none seemed to address or even solve the issue. I have no idea how to make this work, or whether this is possible at all in vagrant, so I am grateful for any pointers.
As you have not included any exact errors and what you have tried,
Let's say you are on the VM, and you want to git pull from a remote git repo
You also have a ssh private key on the VM, that is authorized to pull from the git repo via ssh:
Try this on the VM's cli:
git config core.sshCommand 'ssh -i /root/.ssh/git_private.key -F /dev/null' && ssh-agent sh -c 'ssh-add /root/.ssh/git_private.key; git pull'
and of course reference the correct path to the private ssh key that you would use to auth to git repo
I ran su command to switch to root. Using default password: vagrant.
From there su jenkins - switching user to jenkins, no password this time.
ran ssh-keygen - to generate the keys. Stored them in the default folder suggested: /var/lib/jenkins/ (actually overwrote the existing ones). That is the home folder of this jenkins user, because it is not a regular user/account, but so called "service account" I believe.
After that I just uploaded that .pub key to my bitbucket account, and everything ran fine, my jenkins could authenticate.
I would like to deploy a set of docker containers on a remote docker host using docker-compose -H ssh://user#host up
This works fine as I added my default public key (~/.ssh/id_rsa.pub) to the remote hosts authorized_keys
But how can I specify an alternative private key? Is there an option like when using ssh: ssh -i /path/to/key user#host ?
Background: I would like to trigger a docker-compose deployment on a remote Host using Jenkins. I created a Jenkins Credential of the Kind "SSH Username with private key". Using the credentials plugin I can also get a hold of the key using something like
withCredentials([sshUserPrivateKey(credentialsId: 'some.id', keyFileVariable: 'PKEY')]) {
// $PKEY points to temp. available key file
}
But I don't know how I could pass that to docker-compose -H ...
Or is there a way not to use a key and prompt for the password with a similar mechanism as in docker login --password-stdin?
I want to add some automated builds for my docker containers, so I linked my bitbucket account with docker. Then I created an automated build and choose a private bitbucket repo.
If I now trigger a build the build failed with the following error message:
Failed to clone repository: Cloning into
'/tmp/build_xxxx'... Warning: Permanently added the
RSA host key for IP address '131.103.20.xxx' to the list of known
hosts. Permission denied (publickey). fatal: Could not read from
remote repository. Please make sure you have the correct access rights
and the repository exists.
For public repos the build works without any problems.
Any ideas why private repos are not working?
You need to add the rsa public key of the user in your Docker container that you are using to connect to BitBucket
Generally the public key is under:
~/.ssh/id_rsa.pub
or you can generate one:
user#host $ ssh-keygen
then commit your docker container to create a new image:
docker commit <container-id> mycontainer:0.1