We have a RHEL 7 remote server where I created a dummy user called gitlabci.
- While SSH’d into the remote server, I generated a public-private key pair (
id_rsa)- Uploaded the public key as a deploy key for use later when we get our CI set up
- Generated a public-private key pair in my local machine
- Added the public key to the remote server’s
authorized_keys - Added the private key to the project’s CI environment variables
- Added the public key to the remote server’s
The idea is when the CI runs, the GitLab runner will SSH into the remote server as the gitlabci user I created then fetch the branch into the web directory.
I thought I have set up the keys properly but whenever the runner tries to SSH, the connection gets refused.
$ which ssh-agent || ( apt-get update -y && apt-get install openssh-client git -y )
...
$ eval $(ssh-agent -s)
Agent pid 457
$ echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
Identity added: (stdin) (GitLab CI)
$ mkdir -p ~/.ssh
$ chmod 700 ~/.ssh
$ [[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
$ ssh gitlabci@random.server.com
Pseudo-terminal will not be allocated because stdin is not a terminal.
ssh: connect to host random.server.com port 22: Connection refused
ERROR: Job failed: exit code 1
When I tried to SSH into the remote server using the key pair I generated it did work.
$ ssh -i ~/.ssh/gitlabci gitlabci@random.server.com
Last login: Mon Nov 4 13:49:59 2019 from machine01.work.server.com