appleboy
commented
4 years ago please post your config.
Closed slimani-dev closed 4 years ago
appleboy
commented
4 years ago please post your config.
slimani-dev
commented
4 years ago please post your config.
name: CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
build:
name: Production
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: borales/actions-yarn@v2.0.0
with:
cmd: install # will run `yarn install` command
- uses: borales/actions-yarn@v2.0.0
with:
cmd: build # will run `yarn build` command
#- uses: borales/actions-yarn@v2.0.0
# with:
# cmd: test # will run `yarn test` command
- name: copy file via ssh password
uses: appleboy/scp-action@master
with:
host: ${{ secrets.SERVER }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: 22
source: "dist/*"
target: ${{ secrets.PATH }}
clairmont32
commented
4 years ago @appleboy I am having the same issue despite giving the secret the private key. I copy/pasted your section of the config from the marketplace docs and created /opt/app on my Digital Ocean droplet to mirror what the defaults were for the action. Here's the Actions output and config:
name: Build and deploy
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Set up Go 1.x
uses: actions/setup-go@v2
with:
go-version: ^1.13
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v2
- name: Get dependencies
run: |
go get -v -t -d ./...
if [ -f Gopkg.toml ]; then
curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh
dep ensure
fi
- name: Build
id: build-project
run: go build -v .
- name: Deploy to DO
if: success()
uses: appleboy/scp-action@master
env:
HOST: ${{ secrets.HOST }}
USERNAME: ${{ secrets.USERNAME }}
PORT: ${{ secrets.PORT }}
KEY: ${{ secrets.SSHKEY }}
with:
source: "."
target: "/opt/app"
- name: Post deploy fail commands for debugging
if: failure()
run: |
ls
curl checkip.dyndns.com```@clairmont32 Please don't use env setting. see the reference: https://github.com/appleboy/scp-action#input-variables
with:
host: ${{ secrets.SERVER }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.SSHKEY }}
port: ${{ secrets. PORT }}Hi @appleboy, that didnt yield a different result. If it's supposed to be with instead of env the marketplace docs will need to be updated. I think this may be a local server config but I'm able to SSH into it with only cert auth from 2 other machines so I'm unsure as to why the action is failing. I'm going to try a manual SCP command when I get a chance to see if I can get it to work that way.
appleboy
commented
4 years ago @clairmont32 I updated the docs.
appleboy
commented
4 years ago I will release a new version for this feature. ref: https://github.com/appleboy/ssh-action/issues/36
appleboy
commented
4 years ago Please try the 0.0.9 version. https://github.com/appleboy/scp-action/releases/tag/v0.0.9
amoravec
commented
4 years ago I'm still seeing the exact error with v.0.0.9. Please consider re-opening.
target: /home2/***/public_html/staging rm: true host: *** username: *** key: *** passphrase: *** port: 22 timeout: 30s command_timeout: 10m strip_components: 0 overwrite: false proxy_port: 22 proxy_timeout: 30s /usr/bin/docker run --name c27d31630ce8dd596b4b11b133a6e413a3c5df_00e74d --label c27d31 --workdir /github/workspace --rm -e INPUT_SOURCE -e INPUT_TARGET -e INPUT_RM -e INPUT_HOST -e INPUT_USERNAME -e INPUT_KEY -e INPUT_PASSPHRASE -e INPUT_PORT -e INPUT_PASSWORD -e INPUT_TIMEOUT -e INPUT_COMMAND_TIMEOUT -e INPUT_KEY_PATH -e INPUT_STRIP_COMPONENTS -e INPUT_OVERWRITE -e INPUT_TAR_TMP_PATH -e INPUT_PROXY_HOST -e INPUT_PROXY_PORT -e INPUT_PROXY_USERNAME -e INPUT_PROXY_PASSWORD -e INPUT_PROXY_PASSPHRASE -e INPUT_PROXY_TIMEOUT -e INPUT_PROXY_KEY -e INPUT_PROXY_KEY_PATH -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/naturally-aligned/naturally-aligned":"/github/workspace" c27d31:630ce8dd596b4b11b133a6e413a3c5df tar all files into /tmp/917139578/xKyRPGoFTR.tar scp file to server. 2020/05/04 20:01:13 error copy file to dest: ***, error message: ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1], server offered: [diffie-hellman-group-exchange-sha256] drone-scp error: error copy file to dest: ***, error message: ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1], server offered: [diffie-hellman-group-exchange-sha256]
appleboy
commented
4 years ago @amoravec Could you provide some instructions about how to generate the ssh key, your ssh server version, and related config?
amoravec
commented
4 years ago I generated the keys with ssh-keygen.. 'ssh-keygen -t rsa -b 4096' Local SSH version : SSH-2.0-OpenSSH_8.0p1 Ubuntu-6build1 The remote server is OpenSSH 7.4.
The server is a hosting provider, I cannot read the configuration, but looking at ssh -vvv, it appears they have locked down the KexAlgorithm to only 'diffe-hellman-group-exchange-sha256'..
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha256
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: aes256-ctr,aes192-ctr,aes128-ctr
debug2: ciphers stoc: aes256-ctr,aes192-ctr,aes128-ctr
debug2: MACs ctos: hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-ripemd160@openssh.com
debug2: MACs stoc: hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-ripemd160@openssh.com
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug3: send packet: type 34
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<8192<8192) sent
debug3: receive packet: type 31
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 4105/8192
debug3: send packet: type 32
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug3: receive packet: type 33
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
JohannesKuehnel
commented
4 years ago @clairmont32 Did you solve your issue? I am running into the same error.
scp file to server. 2020/05/22 11:59:25 error copy file to dest: , error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain drone-scp error: error copy file to dest: , error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
Actions Config:
name: Jekyll site CI
on:
push:
branches:
- master
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Build the site in the jekyll/builder container
run: |
docker run \
-v ${{ github.workspace }}:/srv/jekyll -v ${{ github.workspace }}/_site:/srv/jekyll/_site \
jekyll/builder:3.8 /bin/bash -c "chmod 777 /srv/jekyll && jekyll build --future"
- uses: actions/upload-artifact@master
with:
name: _site
path: _site
publish:
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/download-artifact@v2
with:
name: _site
path: _site
- name: copy file via ssh
uses: appleboy/scp-action@master
with:
host: ${{ secrets.DEPLOY_HOST }}
username: ${{ secrets.DEPLOY_USERNAME }}
key: ${{ secrets.DEPLOY_KEY }}
passphrase: ${{ secrets.DEPLOY_PW }}
source: "_site/*"
target: ${{ secrets.DEPLOY_PATH }}
strip_components: 1SSH-Key was generated via ssh-keygen -t ed25519 -a 100 and the public key is in my server's authorized_key file and connecting via console works.
appleboy
commented
4 years ago @amoravec Can you help to try the v0.0.11 version. https://github.com/appleboy/scp-action/releases/tag/v0.0.11
clairmont32
commented
4 years ago @JohannesKuehnel honestly, I haven't tried in a couple weeks due to various work/life things.
@appleboy I'll give it a try this weekend as well
appleboy
commented
4 years ago @clairmont32 Please update your client ssh config:
/etc/ssh/ssh_configKexAlgorithms setting and add diffie-hellman-group-exchange-sha256appleboy
commented
4 years ago @clairmont32 I will bump the new version to fix this issue.
appleboy
commented
4 years ago @clairmont32 Please try the https://github.com/appleboy/scp-action/releases/tag/v0.1.0 version and update config as following:
- name: use insecure cipher
uses: appleboy/scp-action@v0.1.0
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.SSH2 }}
passphrase: ${{ secrets.PASSPHRASE }}
port: ${{ secrets.PORT }}
source: "tests/a.txt,tests/b.txt"
target: "test"
use_insecure_cipher: trueYou must make sure the use_insecure_cipher set as true.
clairmont32
commented
4 years ago @appleboy I copy/pasted the above but kept my source, target, and changed SSH2 to SSHKEY since that's my secret's name. I received the below error. Please let me know if there's anything I need to do on the server side or change within the action.
unicornware
commented
2 years ago @appleboy i used your suggested config, but i'm still receiving the following error:
error copy file to dest: ***, error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remainmy config:
- id: create-secret-files
name: Create secret files
run: |
mkdir -p $SSL_SOURCE
echo $DOPPLER_PROJECT >> .env.doppler
echo $DOPPLER_TOKEN >> .env.doppler
echo $SSL_CERTIFICATE >> $SSL_SOURCE/fullchain.pem
echo $SSL_CERTIFICATE_KEY >> $SSL_SOURCE/privkey.pem
echo $SSL_TRUSTED_CERTIFICATE >> $SSL_SOURCE/chain.pem
env:
DOPPLER_PROJECT: ${{ secrets.DOPPLER_PROJECT }}
DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN_VM }}
SSL_CERTIFICATE: ${{ secrets.SSL_CERTIFICATE }}
SSL_CERTIFICATE_KEY: ${{ secrets.SSL_CERTIFICATE_KEY }}
SSL_SOURCE: nginx/ssl/letsencrypt/${{ secrets.HOSTNAME }}
SSL_TRUSTED_CERTIFICATE: ${{ secrets.SSL_TRUSTED_CERTIFICATE }}
- id: ssh-root-files
name: Upload root project files to VM
uses: appleboy/scp-action@v0.1.2
with:
debug: true
host: ${{ secrets.SSH_HOST }}
key: ${{ secrets.SSH_KEY }}
rm: true
source: .env.doppler,docker-cloud.yml,docker-compose.yml
target: /opt/sneusers/
use_insecure_cipher: true
username: ${{ secrets.SSH_USERNAME }}
- id: ssh-nginx-config
name: Upload Nginx configuration to VM
uses: appleboy/scp-action@v0.1.2
with:
debug: true
host: ${{ secrets.SSH_HOST }}
key: ${{ secrets.SSH_KEY }}
rm: true
source: nginx/
strip_components: 1
target: /opt/sneusers/nginx/
use_insecure_cipher: true
username: ${{ secrets.SSH_USERNAME }}
XiangBo-EvanZuo
commented
2 years ago scp file to server. 2022/04/01 11:45:15 error copy file to dest: , error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain drone-scp error: error copy file to dest: , error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain
XiangBo-EvanZuo
commented
2 years ago I'am so painful ,could you help me, sir
XiangBo-EvanZuo
commented
2 years ago I use the password and username to copy the dir to remote machine. why there is an error here, I can't understand.
XiangBo-EvanZuo
commented
2 years ago error password. thx guys. I hope the error message can be more clearly.
Tikam02
commented
2 years ago scp file to server. 2022/04/03 14:45:04 error copy file to dest: , error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain drone-scp error: error copy file to dest: , error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
@appleboy Any updates?
webbyus
commented
1 year ago Problem has been fixed
use_insecure_cipher: true
eskayamadeus
commented
1 year ago scp file to server. 2022/04/03 14:45:04 error copy file to dest: , error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain drone-scp error: error copy file to dest: , error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
@appleboy Any updates?
I have the same problem
I'm getting this error
complete log