Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Works as described, but GH still refuses the key #4

Open
andrewconnell opened this issue Sep 14, 2016 · 2 comments
Open

Works as described, but GH still refuses the key #4

andrewconnell opened this issue Sep 14, 2016 · 2 comments

Comments

@andrewconnell
Copy link

andrewconnell commented Sep 14, 2016
edited
Loading

Elegant solution, but not working for me... missing something?

I can run the tests and see that the key is being copied in, but when I try to clone, I keep getting the dreaded:

Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights and the repository exists.

Running the server container just fine:

docker run -v ~/.ssh/id_rsa:/root/.ssh/id_rsa --name=keyserver -d mdsol/docker-ssh-exec -server

And verified it's working:

docker run --rm -it mdsol/docker-ssh-exec cat /root/.ssh/id_rsa

Which yields:

Broadcasting UDP key request...
Got key from server.
Writing key to /root/.ssh/id_rsa
Running command: cat /root/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,96649B0D4A67E5B370482C3873039948

MiaCG/AcOtMrFmAkElFPNJcr5T6q78XeswGcg/kuh/lQgCBCnLc5FL6WVA2/IOjA<snip>
-----END RSA PRIVATE KEY-----
Command completed successfully.
Deleting key file /root/.ssh/id_rsa...

But when I try to run npm install or just a simple git clone frm within my Dockerfile like this:

ADD docker-ssh-exec /tmp
RUN /tmp/docker-ssh-exec git clone [email protected]:[me]/[repo].git

... it always errors out:

Step 6 : RUN /tmp/docker-ssh-exec git clone [email protected]:[me]/[repo].git
 ---> Running in c57083506876
Broadcasting UDP key request...
Got key from server.
Writing key to /root/.ssh/id_rsa
Running command: git clone [email protected]:[me]/[repo].git
Cloning into '[repo]'...
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
ERROR: command 'git clone [email protected]:[me]/[repo].git' exited with status 128
Deleting key file /root/.ssh/id_rsa...
The command '/bin/sh -c /tmp/docker-ssh-exec git clone [email protected]:[me]/[repo].git' returned a non-zero code: 128

Running the same git clone command from the host works. I suspect it has something to do with the fact that a known_hosts isn't getting created (ala: http://stackoverflow.com/a/29380765). When I remove that file from my host, it doesn't work, but when it's there, it does work.

Ideas?
@jpstrikesback
Copy link

jpstrikesback commented Dec 19, 2016
edited
Loading

In your Dockerfile you can run ssh-keyscan to inject the known hosts:

ONBUILD RUN ssh-keyscan -t ``rsa'' -H github.com >> /etc/ssh/ssh_known_hosts

@joaocc
Copy link

joaocc commented Mar 18, 2018

You may also add echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config instead

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jpstrikesback @andrewconnell @joaocc