Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Public key authentication fails in Pipeline deployment script

Okhtay Sattari
Okhtay Sattari
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 4, 2025

Hello all there,

I use the following bitbucket-pipelines.yml in my repository:

_____________________________

pipelines:
branches:
master:
- step:
name: Deploy to droplet
deployment: Production
script:
- echo $USER
- echo $SERVER
- echo "Deploying master to live"
- ssh -v -t bitbucket@xxx.xxx.xxx.xxx
- echo "Deploy step finished"
_____________________________
and I get the following error:
ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory
Permission denied, please try again.
The complete debug is as follows:
______________________________
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /root/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
Pseudo-terminal will not be allocated because stdin is not a terminal.
debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /opt/atlassian/pipelines/agent/ssh/id_rsa type -1
debug1: identity file /opt/atlassian/pipelines/agent/ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3ubuntu0.11
debug1: match: OpenSSH_8.9p1 Ubuntu-3ubuntu0.11 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-sha1-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ED25519 5d:25:68:08:24:72:41:1b:a2:02:c3:47:67:f0:c3:84
debug1: Host 'xxx.xxx.xxx.xxx' is known and matches the ED25519 host key.
debug1: Found key in /root/.ssh/known_hosts:7
debug1: ssh_ed25519_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /opt/atlassian/pipelines/agent/ssh/id_rsa
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: permanently_drop_suid: 0
ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: permanently_drop_suid: 0
ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: permanently_drop_suid: 0
ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
Permission denied (publickey,password).
______________________________
How can I resolve this issue?
Regards,
Answer
Watch
Like Be the first to like this
79 views

1 answer

0 votes
Okhtay Sattari
Okhtay Sattari
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 5, 2025

Now, I get the following error:

 

pipe-error.jpg

View More Comments
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 5, 2025

Hi Okhtay,

The error relating to the host key in conjunction with the askpass error highlights two steps that may help you to resolve the issue:

  • Ensure you have an SSH key configured in Repository Settings > Pipelines > SSH
  • Ensure you perform a keyscan to add bitbucket to your known_hosts before the SSH command: 
    ssh-keygen -R bitbucket.org && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts

Please perform the above and let me know if it completes.

 

Cheers!

- Ben (Bitbucket Cloud Support)

 

Like
Okhtay Sattari
Okhtay Sattari
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 6, 2025

Hi Ben

Thank you for your reply.

I have created a public/private key at https://bitbucket.org/okhsat/okhtay/admin/pipelines/ssh-keys , and then added the IP address of my digitalocean droplet to the known hosts section of that page to get the host's finger print. Then I coppied this bitbucket public key to ~/.ssh/authorized_keys on my droplet host. On my droplet host, I have created a special user for this purpose with the name "bitbucket" and have started a ssh agent for this user. So, the aforementioned bitbucket public key has been added to  the ~/.ssh/authorized_keys of this droplet user. I have previously added bitbucket.org to the known hosts of "bitbucket" droplet user on my droplet host, but I did it again using the command you gave:

ssh-keygen -R bitbucket.org && curl https://bitbucket.org/site/ssh >> ~/.ssh/known_hosts

. However, there is no change, and I still get the previous error:

pipe-error.jpg

The interesting point is that I can connect to my droplet host on my PC using the simple command: ssh bitbucket@xxx.xxx.xxx.xxx, and I have successfully configured my PC and the droplet host for this purpose, but I can not do the same thing for bitbucket.org to run a simple pipeline.

 

 

 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events