Hi there,
following scenario:
I have a pipeline with a local hosted docker linux runner. Means: Each pipeline execution runs in my local network. This enables me to access non-public hosts within my LAN.
Now I want the pipeline to access a host systm located in my LAN via SSH.
My bitbucket repository enables me to add a SSH key by providing private and public key... But the known-hosts part is not possible, because Bitbucket (the cloud version of bitbucket) can never ever access the host on my LAN to fetch the fingerprint...
Any ideas on what to do?
Constraints:
* it is *not* possible, not even for a short time, to make the ssh target host public accessible to fetch the fingerprint
* it is *not* possible to switch to a public reachable system. It *has* to be a system on my local LAN.
Hi Alexander,
When you run a build, pipelines will create the file ~/.ssh/known_hosts in the build container. The fingerprints for the Bitbucket and GitHub sites are automatically added to that file, but you can also modify this file during the build.
Can you fetch the fingerprint of that local host during the build by adding a command like the following in your bitbucket-pipelines.yml file's script (in the step where you want to connect to that host)?
- ssh-keyscan hostname_or_ip_address_of_local_host >> ~/.ssh/known_hosts
Kind regards,
Theodora
I need to retest. Last time I tried setting up the SSH access, I was not able to save it without using the fetch-button in the UI. But this did not work due to the fact, that the SSH server is not public reachable.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.