Why does host key verification fail? Symfony and BitBucket Deployment with Easy-Deploy-Bundle

I am trying to deploy my Symfony 5 application via BitBucket Pipelines and easy-corp/easy-deploy-bundle to my server. I’ve followed the instructions on https://support.atlassian.com/bitbucket-cloud/docs/use-ssh-keys-in-bitbucket-pipelines/ to create an ssh key and added my server as a known host within BitBucket. I also followed the instructions at https://github.com/EasyCorp/easy-deploy-bundle/.

The error I get within the pipeline when running php bin/console deploy -v is:

[...] Executing command: echo 1234353400
| err :: Host key verification failed.
In Process.php line 252:
                                                                               
  [SymfonyComponentProcessExceptionProcessFailedException]                 
  The command "ssh ... -p ... 'echo 1234353400'" failed.  
                                                                               
  Exit Code: 255(Unknown error)                                                
                                                                               
  Working directory: /opt/atlassian/pipelines/agent/build                      
                                                                               
  Output:                                                                      
  ================                                                             
                                                                               
                                                                               
  Error Output:                                                                
  ================                                                             
  Host key verification failed.

JavaScript
​x
 
[...] Executing command: echo 1234353400| err :: Host key verification failed.In Process.php line 252:                                                                                 [SymfonyComponentProcessExceptionProcessFailedException]                   The command "ssh ... -p ... 'echo 1234353400'" failed.                                                                                   Exit Code: 255(Unknown error)                                                                                                                                 Working directory: /opt/atlassian/pipelines/agent/build                                                                                                       Output:                                                                        ================                                                                                                                                                                                                                             Error Output:                                                                  ================                                                               Host key verification failed.                                                ​

I’ve added the public key from Symfony to the file ~/.ssh/authorized_keyson my server.

My config file for deployment (deploy.php) looks as follows:

<?php

use EasyCorpBundleEasyDeployBundleDeployerDefaultDeployer;

return new class extends DefaultDeployer
{
    public function configure()
    {
        return $this->getConfigBuilder()
            ->server('user@host:port')
            ->deployDir('dir')
            ->repositoryUrl('ssh-url')
            ->repositoryBranch('develop')
        ;
    }
};

JavaScript
 
<?php​use EasyCorpBundleEasyDeployBundleDeployerDefaultDeployer;​return new class extends DefaultDeployer{    public function configure()    {        return $this->getConfigBuilder()            ->server('user@host:port')            ->deployDir('dir')            ->repositoryUrl('ssh-url')            ->repositoryBranch('develop')        ;    }};​​

Where user, host, port, dir, and ssh-url are replaced by my credentials, which work fine when accessing the server via ssh in the terminal.

So what am I doing wrong? Is easy-deploy-bundle accessing the valid .ssh directory, where BitBucket stores my key and known host?

I found that StrictHostKeyChecking=no could be a possible solution, but I didn’t found how to disable it within easy-deploy-bundle.

Thanks for your help.

Answer

I found that StrictHostKeyChecking=no could be a possible solution, but I didn’t found how to disable it within easy-deploy-bundle.

That means you have actually not added the remote server fingerprint to the known_hosts.

either you have added the hostname only, and it needs the IP (or vice-versa)
or you have added it using one account (~/.ssh/known_hosts), but the plugin is executed by another account (or root), and does not read the right known_hosts

Advertisement

Answer