search

Unitech / pm2-deploy

Deploy part of PM2
http://pm2.keymetrics.io/docs/usage/deployment/
MIT License
178 stars 72 forks source link

Host verification failed #185

Open pke opened 4 years ago

pke commented 4 years ago

On the server I can clone my repo using a ~/.ssh/config file just fine.

However during pm2 deploy via GH actions and using SSH-Agent GH Action I get those errors:

[PM2] Spawning PM2 daemon with pm2_home=/home/runner/.pm2
[PM2] PM2 Successfully daemonized
--> Deploying to production environment
--> on host xxxxxxxxxxxxxxxxxx
fatal: HEAD does not point to a branch
  ○ deploying origin/master
  ○ executing pre-deploy-local
  ○ hook pre-deploy
Host key verification failed.
  ○ fetching updates
  ○ full fetch
Host key verification failed.
  fetch failed

Deploy key and SSH-Agent Secret are properly setup. What could I check on the server to see whats going wrong? I also have GH in the known_hosts file like this:

|1|wyuE7qS7vMnqwGKn1OijR6fiFkM=|oIz+ibUAaBVq7/k7nnm878bvAWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
|1|bkTHcwltNJR2PnF9J8vpT/+Va2k=|FHr/SLp19tu9KuMUCZ05dYWnbec= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
|1|xH47HLpSxWip8wMGVikJLn6BvFw=|Zf+DbrlxHdy2MtAG5cVKmd4ZPs4= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
pke commented 4 years ago

It seems when I disable strict host checking in the ecosystem file I am getting this result:

[PM2] Spawning PM2 daemon with pm2_home=/home/runner/.pm2
[PM2] PM2 Successfully daemonized
--> Deploying to production environment
--> on host MY.SERVER
fatal: HEAD does not point to a branch
  ○ deploying origin/master
  ○ executing pre-deploy-local
  ○ hook pre-deploy
Warning: Permanently added '[MY.SERVER]:36077,[45.10.26.70]:36077' (ECDSA) to the list of known hosts.

So the problem was that the HOST server that is deployed to was not in the known_hosts file of the CI system (GitHub). Is my conclusion correct? And should that maybe added to the FAQ?

codemilli commented 4 years ago

@pke I had same problem in GitHub Actions and I just updated ssh option in my ecosystem.json.

"ssh_options": "StrictHostKeyChecking=no",

and it just works.

pke commented 4 years ago

Sure this works and its a hack to circumvent security features ;)