search

D3rHase / ssh-command-action

Action to run commands on remote server via ssh
MIT License
34 stars 11 forks source link

No ED25519 host key is known for *** and you have requested strict checking. #15

Open ariandanim opened 6 days ago

ariandanim commented 6 days ago

I have this code error when deploy

Run D3rHase/ssh-command-action@latest
/usr/bin/docker run --name c3998c238504c8b8374b0181b2adae7378e399_933867 --label c3998c --workdir /github/workspace --rm -e "INPUT_HOST" -e "INPUT_PORT" -e "INPUT_USER" -e "INPUT_PRIVATE_KEY" -e "INPUT_HOST_FINGERPRINT" -e "INPUT_COMMAND" -e "HOST" -e "PORT" -e "USER" -e "PRIVATE_KEY" -e "HOST_FINGERPRINT" -e "COMMAND" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY
>> Public ssh fingerprint found, man-in-the-middle protection enabled.
No ED25519 host key is known for *** and you have requested strict checking.
Host key verification failed.
D3rHase commented 6 days ago

Hey @ariandanim,

The error message you’re encountering:

No ED25519 host key is known for *** and you have requested strict checking.
Host key verification failed.

indicates that the SSH client cannot verify the server’s identity due to a missing or incorrect host key.

Possible Causes:

  1. Missing Host Key: The server’s host key has not been provided.
  2. Incorrect Host Key: The provided host key does not match the server’s actual key, possibly due to server changes or updates.

How to Solve:

  1. Disable Fingerprint Checking If you don’t want to use fingerprint verification (though this makes you vulnerable to man-in-the-middle attacks), you can disable it by not providing the fingerprint in the action call:
- name: Run remote command via SSH
  uses: D3rHase/ssh-command-action@latest
  with:
    host: ${{ secrets.HOST }}
    port: ${{ secrets.PORT }}
    user: ${{ secrets.USER }}
    private_key: ${{ secrets.PRIVATE_KEY }}
    command: echo 'Hello, World!'
  1. Update Your Provided Fingerprint If you prefer to use fingerprint verification (recommended for better security), follow the guide in the repository’s README file to retrieve and set the host key as a repository secret. You can find it here: Host Fingerprint Guide

I hope this helps! Feel free to reach out if you have further questions.