Skip to content
Advertisement

Why does host key verification fail? Symfony and BitBucket Deployment with Easy-Deploy-Bundle

I am trying to deploy my Symfony 5 application via BitBucket Pipelines and easy-corp/easy-deploy-bundle to my server. I’ve followed the instructions on https://support.atlassian.com/bitbucket-cloud/docs/use-ssh-keys-in-bitbucket-pipelines/ to create an ssh key and added my server as a known host within BitBucket. I also followed the instructions at https://github.com/EasyCorp/easy-deploy-bundle/.

The error I get within the pipeline when running php bin/console deploy -v is:

[...] Executing command: echo 1234353400
| err :: Host key verification failed.
In Process.php line 252:
                                                                               
  [SymfonyComponentProcessExceptionProcessFailedException]                 
  The command "ssh ... -p ... 'echo 1234353400'" failed.  
                                                                               
  Exit Code: 255(Unknown error)                                                
                                                                               
  Working directory: /opt/atlassian/pipelines/agent/build                      
                                                                               
  Output:                                                                      
  ================                                                             
                                                                               
                                                                               
  Error Output:                                                                
  ================                                                             
  Host key verification failed.                                                

I’ve added the public key from Symfony to the file ~/.ssh/authorized_keyson my server.

My config file for deployment (deploy.php) looks as follows:

<?php

use EasyCorpBundleEasyDeployBundleDeployerDefaultDeployer;

return new class extends DefaultDeployer
{
    public function configure()
    {
        return $this->getConfigBuilder()
            ->server('user@host:port')
            ->deployDir('dir')
            ->repositoryUrl('ssh-url')
            ->repositoryBranch('develop')
        ;
    }
};

Where user, host, port, dir, and ssh-url are replaced by my credentials, which work fine when accessing the server via ssh in the terminal.

So what am I doing wrong? Is easy-deploy-bundle accessing the valid .ssh directory, where BitBucket stores my key and known host?

I found that StrictHostKeyChecking=no could be a possible solution, but I didn’t found how to disable it within easy-deploy-bundle.

Thanks for your help.

Advertisement

Answer

I found that StrictHostKeyChecking=no could be a possible solution, but I didn’t found how to disable it within easy-deploy-bundle.

That means you have actually not added the remote server fingerprint to the known_hosts.

  • either you have added the hostname only, and it needs the IP (or vice-versa)
  • or you have added it using one account (~/.ssh/known_hosts), but the plugin is executed by another account (or root), and does not read the right known_hosts
User contributions licensed under: CC BY-SA
7 People found this is helpful
Advertisement