Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,368,548
Community Members
 
Community Events
168
Community Groups

Bitbucket's pipeline - SSH into remote linux server

When my pipeline runs, I am getting the below errors:

debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/config
debug1: key_load_private_type: incorrect passphrase supplied to decrypt private key
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
lost connection

This is my .yml file:

image: maven:3.3.9

pipelines:
  default:
    - step:
        caches:
          - maven
        name: Build
        script: # Modify the commands below to build your repository.
          - echo "Build Start"
          - mvn package
          - echo $BUILD_DIR
          - mv target/**.jar target/transpoDirect.jar
        artifacts:
          - target/**.jar
    - step:
        name: Deploy
        image: maven:3.3.9
        script:
           - ls -la .
           - scp -i ~/.ssh/config -P 7822 -v -o StrictHostKeyChecking=no target/*.jar root@$hostName:/var/transpoDirect/.
           - ssh -p 7822 -i ~/.ssh/config -v -o StrictHostKeyChecking=no root@$hostName sudo service transpoDirect restart

What I have tried is that chmod the ~/.ssh folder and files there to 777

The hostName variable is set in the repositories' settings.

authorized_keys is from bitbucket's public SSH key.

 

image.png

3 answers

Search for it on stackovestack, bitbucket pipeline - how to set ssh

Hi Norman,

Do you have an certain URL for this issue?

Thanks,

Sebastian

Like Noman Arain likes this

The file should be put in the $HOME/.ssh/authorized_keys

You can check where $HOME is by eval echo "$HOME"

I have exactly the same problem. Is there already a solution for this issue?

I'm having the same problem on an existing project that I just configured with pipelines. It has the exact same configuration as another project that is working fine. The projects even have the same ssh keys configured, but the new project is attempting to read a passphrase from /dev/tty. No passphrase is configured for the ssh-key. I even generated an entirely new ssh-key and configured my projects to use this.

Still, the new project prompts for an ssh key, and the old project does not. I am convinced that this is a problem with bitbucket.

I decided to try running an scp deployment first and I got a little more info...

scp -rp -i /opt/atlassian/pipelines/agent/ssh/id_rsa_tmp <trimmed>
Warning: Permanently added the RSA host key for IP address '...' to the list of known hosts.
Load key "/opt/atlassian/pipelines/agent/ssh/id_rsa_tmp": invalid format
Load key "/root/.ssh/pipelines_id": invalid format

I've double and triple checked my ssh keys that are configured under the Repository Settings >> Pipelines >> SSH keys.

I even added a step to print out private ssh key...

cat /opt/atlassian/pipelines/agent/ssh/id_rsa_tmp

The key is exactly correct. But it still doesn't connect properly.

I'm not sure why there aren't more people having this issue. I suspect that most people just generate a key from the bitbucket. I'm currently in a system where that isn't technically possible.

Like jwags likes this

I'm having a similar issue with the sftp deloy pipe 0.4.1. I added an ssh key for the repo to connect with submodules and another ssh key in repo variables to use this ftp pipe.

Status: Downloaded newer image for bitbucketpipelines/sftp-deploy:0.4.1
INFO: Starting SFTP deployment to 35.246.96.255:/work...
Load key "/root/.ssh/pipelines_id": invalid format
✖ Deployment failed.xxxxx@x.x.x.x
: Permission denied (publickey).
Connection closed

I have a very similar issue. I think bitbucket SSH key management has a bug.

Because of this issue, and the fact that you couldn't deploy to a specific server without changing the entire pipeline in a new commit, we ended up switching our entire deployment process to Jenkins. We have much more flexibility for deploying now.

Note to others or to my future self: If you try to add your own key in the Settings->Pipeline->SSH keys interface, you will likely get this error. If you choose the option to let them generate the key pair, everything will work fine. As some mentioned though, this isn't always feasible. Automated server provisioning with Bitbucket is really a pain...

Like # people like this

@Rob Guinness your suggestion worked for us as well -- thanks!

I figure out what is going on with the SSH module.

According to the docs here, the SSH keys (I don't understand the reason why) must be encoded with Base64.

0 votes

Use

ssh -F ~/.ssh/config

instead of

ssh -i ~/.ssh/config 

 

ssh --help

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events