is there a way that i can SSH to VM using yaml by using Jumphost?
The action will be like.
github(action) -> ssh user#ip (jumphost) -> ssh user#ip (prod server)
Add this action https://github.com/marketplace/actions/ssh-command on your workflow then write your scripts in the command option.
Related
I want to copy files using rsync over ssh, but a "Cannot execute command-line and remote command." is raised, meanwhile it works fine with scp.
Command : rsync -ravh folder XXX:folder
My ssh config is configured as follows :
Host XXX
Hostname YY
User user
RequestTTY yes
RemoteCommand bash --init-file ~/.bashrc
I noticed that by removing the RemoteCommand option, rsync does the job.
How could I manage to make rsync work while using my current ssh host config ?
Thanks in advance.
Connection to created Droplet via SSH by Github Actions runner.
My steps:
ssh-keygen -t rsa -f ~/.ssh/KEY_NAME -P ""
doctl compute ssh-key create KEY --public-key "CONTENT OF KEY_NAME.pub"
doctl compute droplet create --image ubuntu-20-04-x64 --size s-1vcpu-1gb --region fra1 DROPLET_NAME --ssh-keys FINGERPRINT --wait
ssh -vvv -i ~/.ssh/KEY_NAME root#DROPLET_IP
✔️ Tested on Windows local machine using doctl.exe runned from cmd - works!
✔️ Tested on Docker (installed on Windows) based on Linux image using doctl script - works!
⚠️ Tested on Github Actions runner based on ubuntu-latest using digitalocean/action-doctl script - doesn't work!
Received message is: connect to host ADDRESS_IP port 22: Connection refused.
So the steps are correct, so why does this not work for Github Actions?
If you are using the GitHub Action digitalocean/action-doctl, check issue 14 first:
In order to SSH into a Droplet, doctl needs access to the private half of the SSH key pair whose public half is on the Droplet.
Currently the doctl Action is based on a Docker container.
If you were using the Docker container directly, you could invoke it with:
docker run --rm --interactive --tty \
--env=DIGITALOCEAN_ACCESS_TOKEN=<YOUR-DO-API-TOKEN> \
-v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa \
digitalocean/doctl compute ssh <DROPLET-ID>
in order to mount the SSH key from outside the container.
You might be better off just using doctl to grep the Droplet's IP address and using this Action that is more focused on SSH related use cases and provides a lot of additional functionality: marketplace/actions/ssh-remote-commands.
i have a server which is access remote connection only with SSH key auth
i have a key which is stored in my home directory with .pem extension
but when im trying to copy file using the scp command
scp /home/myfilewhichiwannatocopy core#54.32.14.156:/home/core the server asks for password but i don't have it ( btw normal connection using the ssh -i /.ssh/mg.service.pem core#54.32.14.156 fully works) and how to make the scp command for using the key auth?
scp -i /path/to/key.pem somefile.txt user#<machine>:/path
Might I also add, you can consult the man pages https://linux.die.net/man/1/scp
I had an existing opensuse 64 bit machine which i exported using
vagrant package --base opensuse64 --output opensuse.box
After creating box I created another folder 'package-test' and copied the created box file there. Then I used
vagrant init opensuse opensuse.box
and then
vagrant up
but I am unable to connect to it via ssh.
Am I doing something wrong?
Thanks
To make vagrant ssh work, your OpenSUSE VM has to be configured for Public Key Authentication using Vagrant's key pair.
If you want to use password authentication, you'll have to specify the ssh port and use username/password known to you.
NOTE: If this is a vagrant base box, by default you can login as vagrant/vagrant with sudo privilege, as per the packaging guide.
If you want to use your own key pair, you can copy the public key and add it to the VM's ~/.ssh/authorized_keys.
Examples
Manual (1 liner)
cat /path/to/vagrant.pub | ssh user#host 'cat >> ~/.ssh/authorized_keys'
Use ssh-copy-id
# -i defaults to ~/.ssh/id_rsa.pub
ssh-copy-id user#host
# custom pub key
ssh-copy-id -i vagrant.pub user#host
NOTE: make sure ~/.ssh and ~/.ssh/authorized_keys in the VM have proper permission.
I need to access from a PHP script a database hosted on another machine which is accessible only via SSH using a bridge machine.
How can I setup a tunnel so that I can tunnel the connection from my machine to the database passing through the 'bridge' machine?
It is actually quite simple. It is just a matter of a single command:
ssh -N -L localhost:3306:DATABASE_MACHINE:3306 BRIDGE_MACHINE_USER#BRIDGE_MACHINE
You should use ssh -L option to do this
You can read this: http://www.revsys.com/writings/quicktips/ssh-tunnel.html