Previously I’m able to ssh to the remote user using these steps
deploy_to_staging:
stage: deploy
before_script:
- 'which ssh-agent || (apk add openssh-client)'
- eval "$(ssh-agent -s)"
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
script:
- export SSH_DEPLOY_SERVER="ssh -o StrictHostKeyChecking=no ${DEPLOY_USER}@${DEPLOY_SERVER}"
- ${SSH_DEPLOY_SERVER} "whoami";
Then I’ve added more job that ssh to the different remote server
deploy_to_production:
stage: deploy
before_script:
- 'which ssh-agent || (apk add openssh-client)'
- eval "$(ssh-agent -s)"
- echo "$SSH_PRIVATE_KEY_PROD" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
script:
- export SSH_DEPLOY_SERVER_PROD="ssh -o StrictHostKeyChecking=no ${DEPLOY_USER}@${DEPLOY_SERVER_PROD}"
- ${SSH_DEPLOY_SERVER_PROD} "whoami";
as you can see, everything almost the same except $SSH_PRIVATE_KEY and $SSH_PRIVATE_KEY_PROD which I already added in the Variables section on Gitlab project. Both PRIVATE KEY got from id_rsa on specific remote server under /home/<DEPLOY_USER>/.ssh/id_rsa
But once running the pipeline in job deploy_to_production the error occurs
$ which ssh-agent || (apk add openssh-client)
/usr/bin/ssh-agent
$ eval “$(ssh-agent -s)”
Agent pid 21
$ echo “$SSH_PRIVATE_KEY_PROD” | tr -d ‘\r’ | ssh-add -
Identity added: (stdin) (user@x.x.x.x)
$ mkdir -p ~/.ssh
$ chmod 700 ~/.ssh
$ export SSH_DEPLOY_PROD_SERVER=“ssh -o StrictHostKeyChecking=no ${DEPLOY_USER}@${DEPLOY_PROD_SERVER}”
$ ${SSH_DEPLOY_PROD_SERVER} “whoami;”
Warning: Permanently added ‘x.x.x.x’ (ECDSA) to the list of known hosts.
Permission denied, please try again.
Permission denied, please try again.
user@x.x.x.x: Permission denied (publickey,password).
Since I’m using Docker executor that always provides a clean environment on every job, I’m wondering why the same procedure doesn’t work.
Please help!