So I want to build a pipeline that copies the content of a publish command to my Windows Server. To do that I use the folowing
- pipe: atlassian/scp-deploy:0.3.9
variables:
USER: $SSH_USER
SERVER: $IP_ADDRESS
REMOTE_PATH: $REMOTE_PATH
LOCAL_PATH: 'release/**'
DEBUG: 'true'
Not that goes pretty well but I get an access denied ofcourse because the server wont let me in.
So in order to solve that (I think) I need to install the public SSH key in my Windows Server.
So I have a public key string in BitBucket > Repository Settings > SSH Keys (under Pipelines)
How do I now install that public key in my Windows Server so the pipeline will be granted access?
I read about ssh-copy-id -i my_ssh_key username#remote_host. But that isn't a Windows command.
Related
I run Rundeck v4.1.2, using docker-compose.
I have created a test key pair. I have entered the private key into key storage under the path keys/test using the GUI, and configured the target node to require it for SSH access. I have added the public key under /home/rundeck/.ssh/authorized_keys on the target node.
The resources.xml file looks like this:
server18:
nodename: server18
hostname: server18.rc-group.local
osVersion: 18.04
osFamily: unix
osArch: amd64
description: target-test
osName: Ubuntu
username: rundeck
ssh-authentication: privateKey
ssh-privateKey-storage-path: keys/test
When I try to connect using command line SSH and the same private key, it works fine. So the key is fine, and the target node config is fine.
When, in the GUI, I try to run the "hostname" command on the same target node, I get:
Failed: AuthenticationFailure: Authentication failure connecting to node: "server18". Make sure your resource definitions and credentials are up to date.
Can someone spot what I'm missing?
Use ssh-key-storage-path attribute instead of ssh-privateKey-storage-path in your node definition, you can see the valid attributes here.
I had been using VSCode's remote-ssh to access my virtual machines running on google cloud. This had been working perfectly fine until I made a snapshot of my most recent instance and created a new instance out of this on a larger VM. Now when I try to connect (through any method) I get: " Permission denied (publickey).". I have spent countless hours deleting and re-adding, and recreating my ssh keys to no avail. Before I simply ran "gcloud compute config-ssh" and this created a working config file, but now this works. Please help, I have tried everything and there is simply no way for me to ssh. On the website I can click the ssh button to open up their shell, but cannot do it from my terminal
The problem may be related to the lack of identification of your SSH private key during connection in VSCode. You can indicate your private key adding IdentityFile option pointing to your SSH private key, this in your SSH connection host entries in SSH configuration files:
Host vm_name
HostName external_ip
IdentityFile /path/to/ssh_private_key
Port port_number
Here the long story if you or someone need more information.
You can go from the start for ensure that you do no have compromise your SSH keys and that is the origin of problem.
Create SSH Key
First, create new ssh keys.In the computer that you will use to access your remote host, that is Google VM instance, open your terminal or cmd and go to the ssh folder to generate the keys.
My ssh config and keys are under my user directory, /home/my_user/.ssh on Linux or C:\Users\my_user\.ssh on Windows.
The I will cd to one of these path, depending on for which of them I using at the moment.
Linux:
cd /home/my_user/.ssh
Windows:
cd C:\Users\my_user\.ssh
Command to generate SSH key
ssh-keygen -t rsa -f my_ssh_key -C user
my_ssh_key: the name your key, you can put what you want to better identify
user: must be the user that you want to use to connect at your Google VM instance.
This will generate an Private Key named my_ssh_key and a Public key named my_ssh_key.pub.
Alternatively, stay in any location of operating system and passing the absolute path where to generate the keys:
Linux:
ssh-keygen -t rsa -f /home/my_user/.ssh/my_ssh_key -C user
Windows:
ssh-keygen -t rsa -f C:\Users\my_user\.ssh\my_ssh_key -C user
Copy the public key in your Google cloud VM authorized_keys file
/home/my_user/.ssh/authorized_keys
** Do not rewrite anyone public key that already exists jus append in the file of authorized_keys file.
Add new ssh Host entry for remote connection
Click on Remote SSH manager, the icon at the bottom right of the VS Code, click on the Remote SSH: Open Configuration File option and choose your ssh configuration file to add another SSH entry for remote connection.
The config file must be under SSH directory, the same path used in the step of generate SSH keys.
Linux:
/home/my_user/.ssh/config
Windows:
C:\Users\my_user\.ssh\config
To add another Host, write the following make the properly changes:
Host vm_name
HostName external_ip
IdentityFile /path/to/ssh_private_key
Port port_number
vm_name: is alias to connect with ssh command in practical way, could be what you want.
external_ip: the external of your Google VM instance, you can get in the VM instances panel at https://console.cloud.google.com/
IdentityFile: the path for yout private SSH key, the file that you generated that note have .pub extension.
Linux:
/home/my_user/.ssh/my_ssh_key
Windows:
C:\Users\my_user\.ssh\my_ssh_key
Port: the por number of SSH of your Google VM instance, 22 is the default port.
Now it is just choose this host to connect to your Google VM instance.
For more details about SSH settings on Google Cloud Platform: https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys#linux-and-macos_1
What I need to do is to SSH public server (which is shared hosting) and run a script that starts the deployment process.
I followed what's written here:
I've created a key pair in Settings > Pipelines > SSH Keys
Then I've added the IP address of the remote server
Then I've appended the public key to the remote server's ~/.ssh/authorized_keys file
When I try to run this pipeline:
image: img-name
pipelines:
branches:
staging:
- step:
deployment: Staging
script:
- ssh remote_username#remote_ip:port ls -l
I have the following error:
Could not resolve hostname remote_ip:port: Name or service not known
Please help!
The SSH command doesn't take the ip:port syntax. You'll need to use a different format:
ssh -p port user#remote_ip "command"
(This assumes that your remote_ip is publicly-accessible, of course.)
I am trying to SSH into the server as part of the deployment job in CircleCI
ssh -oStrictHostKeyChecking=no $DEV_DROPLET_USER#$DEV_DROPLET_IP
I have my SSH private key for the user on this server loaded into CircleCI but everytime I run the job, I get this output
Warning: Permanently added '$host' (ECDSA) to the list of known hosts.
<$user>#<$host>'s password:
How can I stop it prompting me for the password?
I have added the SSH key for this user to the SSH Agent on the server (these instructions)
For a passwordless ssh connection, you must:
put the private ssh key into a file in the directory $HOME/.ssh/ on the client computer connecting to the server (example : $HOME/.ssh/MyServer)
copy the public ssh key into the file $HOME/.ssh/authorized_keys on the server
have writing permission on the file $HOME/.ssh/known_hosts on the client computer
The sshd service is normally already configured to accept key based authentication.
From the client computer, you can now do a passwordless connection ssh -i $HOME/.ssh/MyServer $DEV_DROPLET_USER#$DEV_DROPLET_IP
Of course, on the client computer your $DEV_DROPLET_USER must have appropriate permissions for accessing the ssh related files.
You don’t need to do anything with the ssh agent, on the client or on the server.
Late reply, but I hope it helps somebody else in the future.
Assuming you followed these instructions in the CircleCI docs, then the private key will automatically be copied to the machine being used by CircleCI when the add_ssh_keys step is run.
Make sure one the server you are trying to SSH into, the public key generated (in ~/.ssh/id_rsa.pub or something similar) is copied to the ~/.ssh/authorized_hosts file on the same server. This crucial step is what allows anybody with the private key (CircleCI) to be allowed into the server.
I installed the OpenSSH on my Windows 7 Machine. I want to connect to the remote Linux machine without typing password. I followed the bellow instructions but the SSH needs password to establish the connection yet.
Open CMD and run: ssh-keygen -t rsa (The public and private keys are generated in the C:\Users\user.ssh) folder
Copy the id_rsa.pub content into /home/kouhi/.ssh/authorized_keys in my Linux remote machine
In Linux Machine run: chmod 700 .ssh
In Linux Machine run: chmod 644 .ssh/authorized_keys
When I try to Ssh kouhi#remote.com the connection ask me the password yet.
Also I tied Ssh -i C:\Users\user.ssh\id_rsa kouhi#remote.com
Also I get the following reply when run the ssh command:
###########################################################
# WARNING: UNPROTECTED PRIVATE KEY FILE! #
###########################################################
Permissions 0644 for 'C:\\Users\\user\\id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: C:\\Users\\user\\id_rsa
As per this other question:
Right-click on the [private key file], select Properties then Security. Click Advanced, then Edit. Uncheck "Inheritable" and choose "Remove" in the dialog. Remove any explicit permissions left, add a "Full Access" permission to your username.
Step 1 : Open your windows powershell
Step 2 : Type command ssh-keygen -t rsa
Step 3 : Now a private and public is generated and we have to copy this
public key into the remote linux server.For that do the below
steps.
- Copy the public key stored C:\Users\User/.ssh/id_rsa.pub
(Don't copy through GUI as it will give error,use powershell
itself)
Step 4 : Now login to your remote server using your ID and password
Step 5 : Now paste the copied public key in /.ssh/authorized_keys
using vim editor.
Step 6 : Now login from your windows powershell without password
TIPS : Try ssh restart , clear your earlier generated keys in authorised key folder and id_rsa.pub if you get errors and do as fresh