4

I am going to create automatic deploy to my testing server via SSH in Github Actions. I was created connecting by private key. It's work correctly on local (tested in ubuntu:latest docker image), but when I push my code into repository I got error.

Run ssh -i ~/.ssh/private.key -o "StrictHostKeyChecking no" ***@*** -p *** whoami
Warning: Permanently added '[***]:***' (ED25519) to the list of known hosts.
Load key "/home/runner/.ssh/private.key": error in libcrypto
Permission denied, please try again.
Permission denied, please try again.
***@***: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
Error: Process completed with exit code 255.

My workflow code:

name: Testing deploy
on:
  push:
    branches:
      - develop
      - feature/develop-autodeploy
jobs:
  build:
    name: Build and deploy
    runs-on: ubuntu-latest
    steps:
      - run: mkdir -p ~/.ssh/
      - run: echo "{{ secrets.STAGING_KEY }}" > ~/.ssh/private.key
      - run: chmod 600 ~/.ssh/private.key
      - run: ssh -i ~/.ssh/private.key -o "StrictHostKeyChecking no" ${{ secrets.STAGING_USER }}@${{ secrets.STAGING_HOST }} -p ${{ secrets.STAGING_PORT }} whoami

I was tried 3rd-hand packages e.g. D3rHase/ssh-command-action and appleboy/ssh-action with another errors.

Improve this question

3 Answers 3

Reset to default
6

It's always a good idea to check the contents of the file containing the private key, using:

ssh-keygen -l -f ~/.ssh/private.key

In my case a trailing newline was missing.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I swear, what kind of evil person comes up with the requirements for trailing newlines? This was my problem as well.
4

Resolved. In line, where I making private.key file missing $ character. My bad.

Improve this answer

2 Comments

Are you referring to this line: echo "{{ secrets.STAGING_KEY }}" > ~/.ssh/private.key, right?
Yes, this line. I changed {{ secrets.STAGING_KEY }} to ${{ secrets.STAGING_KEY }}
0

I missed these 2 lines.

-----BEGIN OPENSSH PRIVATE KEY----- -----END OPENSSH PRIVATE KEY-----

line, which i thought is not needed. after which it started working.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.