Reputation: 372
Heroku -> GitHub SSH key issue
I am writing an app hosted on Heroku which performs read/write operations on private GitHub hosted repositories.
I have done the following
- Generated an SSH key, using the same email as my GitHub account
- Added the SSH public key to my GitHub account which has admin privileges to the repository
- Added the SSH public key to Heroku using heroku:keys add
When trying to perform any git operation on a GitHub hosted repository (that I have total access to), I get "Host key verification failed"
I'm not sure what I'm doing wrong.. as far as I can tell, the Heroku app should be able to read and push to the repo on GitHub just fine.
If I run the same script locally, everything works like a charm.
Hoping someone can help me out.
Upvotes: 2
Views: 728
Answers (2)
Reputation: 372
After hearing back from Heroku support, they mentioned something along the lines of what VonC said. The key wasn't available in Heroku so it was failing.
Although what VonC said would work I imagine, I resolved to using an OAuth Token for my git operations instead of sharing private and public keys away.
As per this article, you can use a GitHub OAuth token in place of a username and all works fine. Setting it as a Heroku config var also means that it never has to appear in your code. https://help.github.com/articles/git-automation-with-oauth-tokens
Upvotes: 2
Reputation: 1325137
If I run the same script locally, everything works like a charm.
That is because locally, in your $HOME/.ssh, you have both the private and public key.
You need both to access a repo hosting server (like GitHub or Heroku).
That means: if Heroku needs to access directly GitHub, it also needs the public and private ssh key.
You need (as in this article) to reference your private key as config vars
heroku config:add PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
MMMMMMMMaaaaaammmmammamamammamaasdhkghkdahgj8234joihsdfJHHKJGHGG
...
-----END RSA PRIVATE KEY-----"
make sure you pass the config var when you load the key.
key = OpenSSL::PKey::RSA.new ENV["PRIVATE_KEY"], 'notasecret'
And your Heroku App will be able to use that private key when contacting GitHub.
Note that sharing private keys is frowned upon, so generating a new public/private key dedicated for Heroku accessing GitHub (and adding the new public key to the GitHub repo) is preferable.
You will find similar approach (for an Heroku app to access a private ssh key) in:
Upvotes: 1
Related Questions
- How do I access a private github repo from heroku?
- Git setting up ssh key
- Heroku - Uploading SSH public key failed
- How to add heroku key to git to work properly
- Cannot deploy app to Heroku "Could not read from remote repository"
- Deploy an app to heroku fail because of key not authorized
- Heroku key not accepted
- Heroku - Added SSH public key and still getting Permission denied (publickey) error
- Unable to push git repo to Heroku, despite valid SSH keys
- Access and deploy problems with Heroku