search

shimataro / ssh-key-action

GitHub Action that installs SSH key to .ssh
https://github.com/marketplace/actions/install-ssh-key
MIT License
578 stars 87 forks source link

Cannot connect to SSH via Github action #245

Closed wpplumber closed 9 months ago

wpplumber commented 1 year ago

I use the following yml file to deploy my website code via SSH but I meet the error below:

on:
  push:
    branches:
      - main
  workflow_dispatch:
jobs:

  build:
    name: Build Website
    runs-on: ubuntu-latest

    steps:
      - name: Checkout Repository
        uses: actions/checkout@v2

      - name: Install Dependencies
        run: yarn install --frozen-lockfile
      - name: Build SSR
        run: npx quasar build -m ssr

      - name: Upload Build Artifacts
        uses: actions/upload-artifact@v2
        with:
          name: build-artifacts
          path: './dist/ssr'

  deploy:
    name: Deploy to Production
    runs-on: ubuntu-latest
    needs: [build]

    steps:
      - name: Install SSH Key
        uses: shimataro/ssh-key-action@v2
        with:
          key: ${{ secrets.SSH_KEY }}
          known_hosts: 'just-a-placeholder-so-we-dont-get-errors'

      - name: Adding Known Hosts
        run: ssh-keyscan -p ${{ secrets.SSH_PORT }} -H ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts

      - name: Deploy with rsync
        # run: rsync -avz -e "ssh -p ${{ secrets.SSH_PORT }}" ./dist/ssr ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }}:${{ vars.HOST_PATH }}
        run: rsync -avz -e "ssh -oHostKeyAlgorithms=+ssh-rsa -p ${{ secrets.SSH_PORT }}" ./dist/ssr/ ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }}:${{ vars.HOST_PATH }}

Error:

##[debug]Evaluating condition for step: 'Deploy with rsync'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> true
##[debug]Result: true
##[debug]Starting: Deploy with rsync
##[debug]Loading inputs
##[debug]Evaluating: format('rsync -avz -e "ssh -oHostKeyAlgorithms=+ssh-rsa -p {0}" ./dist/ssr/ {1}@{2}:{3}', secrets.SSH_PORT, secrets.SSH_USER, secrets.SSH_HOST, vars.HOST_PATH)
##[debug]Evaluating format:
##[debug]..Evaluating String:
##[debug]..=> 'rsync -avz -e "ssh -oHostKeyAlgorithms=+ssh-rsa -p {0}" ./dist/ssr/ {1}@{2}:{3}'
##[debug]..Evaluating Index:
##[debug]....Evaluating secrets:
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'SSH_PORT'
##[debug]..=> '***'
##[debug]..Evaluating Index:
##[debug]....Evaluating secrets:
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'SSH_USER'
##[debug]..=> '***'
##[debug]..Evaluating Index:
##[debug]....Evaluating secrets:
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'SSH_HOST'
##[debug]..=> '***'
##[debug]..Evaluating Index:
##[debug]....Evaluating vars:
##[debug]....=> Object
##[debug]....Evaluating String:
##[debug]....=> 'HOST_PATH'
##[debug]..=> '/home/***/ssr/'
##[debug]=> 'rsync -avz -e "ssh -oHostKeyAlgorithms=+ssh-rsa -p ***" ./dist/ssr/ ***@***:/home/***/ssr/'
##[debug]Result: 'rsync -avz -e "ssh -oHostKeyAlgorithms=+ssh-rsa -p ***" ./dist/ssr/ ***@***:/home/***/ssr/'
##[debug]Loading env
Run rsync -avz -e "ssh -oHostKeyAlgorithms=+ssh-rsa -p ***" ./dist/ssr/ ***@***:/home/***/ssr/
##[debug]/usr/bin/bash -e /home/runner/work/_temp/34c64e52-8d53-407f-9c49-c1e6fd415600.sh
sign_and_send_pubkey: no mutual signature supported
Permission denied, please try again.
Permission denied, please try again.
***@***: Permission denied (publickey,password).
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(231) [sender=3.2.7]
Error: Process completed with exit code 12.
##[debug]Finishing: Deploy with rsync

FYI I'm able to connect via ssh using other machine!

I expect to connect without problem!

martijngastkemper commented 1 year ago

My first thought was the port configuration. The man page says rsync [OPTION...] SRC... rsync://[USER@]HOST[:PORT]/DEST (https://linux.die.net/man/1/rsync). But if you made a mistake there I would expect a connection error instead of an authentication error.

The error sign_and_send_pubkey: no mutual signature supported might point to the HostKeyAlgorithms flag. If you connect with a server that has an up to date OS version I wouldn't expect this to be necessary.

Can you share the ssh command and configuration that works?

wpplumber commented 1 year ago

The man page says rsync [OPTION...] SRC... rsync://[USER@]HOST[:PORT]/DEST

I see that I'm not using that figure!

The successful cmd is: ssh user@ip -pXXXXX

~/.ssh/config:

Host *
PubkeyAcceptedKeyTypes +ssh-dss
HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
codespearhead commented 9 months ago

@wpplumber So is the problem solved?

wpplumber commented 9 months ago

No more progress in the project using this.

Thank you for your interest.