Search code examples
sshgitlabvpsalpine-linuxcicd

SSH Connection issue from gitlab alpine runner

I'm facing a problem with gitlab ci. I have a deploy stage that is supposed to contact my VPS with ssh and asking my gitlab registry.

The problem is while y try to authenticate my alpine runner to my ssh. here is my deploy :

deploy:
  tags:
    - springVps
  image: alpine:3.6
  stage: deploy

  before_script:
   - apk update
   - 'which ssh-agent || ( apk update -y && apk add openssh-client -y )'
   - mkdir -p ~/.ssh
   - eval $(ssh-agent -s)
   - echo "$SSHVPS" | ssh-add -
   - ssh-keyscan -H myawesomedomain.fr >> ~/.ssh/known_hosts
  script:  
    - ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p 51 -v -v -v [email protected] "echo Hello, world!"

I've found this piece of code here : https://gitlab.com/gitlab-examples/ssh-private-key/-/issues/4#note_35042568

Here is my error message : SSH Permission denied (publickey,password)

note : i changed my ssh port from 22 to 51 but i had the same problem before.

Searched my error code and i found this post : Gitlab CI - SSH Permission denied (publickey,password)

I don't totally understand the Accepted answer :

You need to add the public key to the server so it would be recognized as an authentication key. This is, paste the content of the public key corresponding to the private key you are using to the ~/.ssh/authorized_keys on the $PRODUCTION_SERVER.

Does that mean i'm supposed to put my vps public key inside ~/.ssh/authorized_keys ? I executed the following command line on my vps : cat ~/.ssh/id_rsa.pub > ~/.ssh/authorized_keys

Now my ~/.ssh/authorized_keys contain my vps public key, but that does not fixed my issue. I've Also verified that my variable $SSHVPS has good value, i've tried to put the variable as file, and as variable, the variable is not portected. I've registered my vps public key inside gitlab.

Then i tried to connect to my vps from Local machine with this command line : ssh -i key [email protected] -p 51

and this command ask me a password, it does not seems normal that it ask me a password. I guess that is the reason of failing, my vps asks my alpine runner a password, but it is not supposed to.

I've made a lot of Search and its could be a permission mistake. I've found thoses command line to make ~/.ssh/authorized_keys Readable and editable.

Here is that i tried :

chmod -v 700 ~ 
chmod -v 700 ~/.ssh
chmod -v 600 ~/.ssh/authorized_keys

But i still have the same issue. I' running out of ideas, any help is welcome ;) Thanks for reading :-)

Solution

  • Update :

    Omg i just found what was my issue. I cant clearly explain what happened but i will tell you what has going wrong.

    I created a new user named "ftpuser" to connect to my ftp, but for some reasons when i login to my vps with root user, the permissions has been set for ftpuser in root folder i could have seen this with this command : ls -la ~ and also : ls -la ~/.ssh

    I cant explain why and how connecting to root i had ftpuser permissions but i solved the issue on this way : chown -R root:root ~ chown -R root:root ~/.ssh chown -R root:root ~/.ssh/authorized_keys

    you can see here the mistake : enter image description here