Reputation: 33
I am working on a continuous integration with Travis CI. This is my configuration:
before_install:
- echo -e "Host *\n\tStrictHostKeyChecking no\n" > ~/.ssh/config
- echo -e $id_rsa.pub > ~/.ssh/id_rsa.pub
- echo -e $id_rsa > ~/.ssh/id_rsa
- sudo chmod 600 ~/.ssh/*
- sudo chmod 644 ~/.ssh/config
- eval `ssh-agent -s`
- ssh-add ~/.ssh/id_rsa
...
$ ssh-add ~/.ssh/id_rsa
Enter passphrase for /home/travis/.ssh/id_rsa:
At the ssh-add step, it asks me for the passphrase and it stops the deployment. I have tested with another SSH key without a passphrase, but it doesn't fix my issue.
I have tested a lot of solutions, like yes $MY_PASSWORD | ssh-add ~/.ssh/id_rsa
or echo "$MY_PASSWORD" | ssh-add ~/.ssh/id_rsa
but it doesn't work.
I have added to my .ssh/config (you can see it in my config):
Host *
StrictHostKeyChecking no
Isn't it supposed to make it not ask me for the passphrase?
Maybe someone has an idea? Thanks :)
Upvotes: 2
Views: 3098
Reputation: 11
You could do
before_install:
- [...]
- chmod 600 ~/.ssh/id_rsa
- chmod 700 local-ssh-askpass
- eval `ssh-agent -s`
- DISPLAY=1 SSH_ASKPASS_REQUIRE=force SSH_ASKPASS=./local-ssh-askpass ssh-add ~/.ssh/id_rsa < /dev/null
Don't forget to set :
Upvotes: 0
Reputation: 33
I have resolved my problem. I had several different problems with the basic use of environment variables and echo.
My environment variable names were not good. "$id_rsa.pub" in Travis was interpreted as $id_rsa . ".pub", so it added some wrong characters to my content. I renamed it to id_rsa_pub.
I forgot to transform " " into "\ " and newlines into "\n", and with Travis and its environment variables, you must write "\\n" instead of just "\n".
My issue was partly because of bad SSH files, and partly because I used an RSA key with a password. In my case it's not important to have a password, so I deleted it. For that I used the answer of jakuje. My SSH key is now installed correctly in each build.
Thank you for your help!
Upvotes: 0
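The variable-name and newline pitfalls described in the answer above, as an added example that is not part of the original posts: it shows how "$id_rsa.pub" expands, and restores a key stored with escaped newlines into a 0600 file, rejecting the result if it is not framed like a private key. The function names, the KEY_ESCAPED variable and all values are constructed placeholders.

```shell
#!/bin/sh
# Constructed placeholder values, not real key material. All names are hypothetical.
id_rsa='PRIVATE-PLACEHOLDER'
id_rsa_pub='PUBLIC-PLACEHOLDER'
KEY_ESCAPED='-----BEGIN OPENSSH PRIVATE KEY-----\nCONSTRUCTED-PLACEHOLDER-NOT-A-KEY\n-----END OPENSSH PRIVATE KEY-----'

# "." cannot appear in a variable name, so "$id_rsa.pub" expands the PRIVATE
# key variable and appends the literal text ".pub".
dotted_expansion() { printf '%s' "$id_rsa.pub"; }
underscore_expansion() { printf '%s' "$id_rsa_pub"; }

# install_key VALUE DEST
# VALUE is the key with newlines stored as the two characters "\n".
# Returns 0 on success, 1 on I/O failure, 2 if the result is not a private key.
install_key() {
    ik_dest=$2
    ik_dir=$(dirname "$ik_dest")
    mkdir -p "$ik_dir" && chmod 700 "$ik_dir" || return 1
    (
        umask 077                 # new file is created 0600
        rm -f "$ik_dest"          # drop any older copy with looser permissions
        # %b turns "\n" into newlines; the quotes stop word splitting on spaces.
        printf '%b\n' "$1" > "$ik_dest"
    ) || return 1
    # Check only the framing lines, and never echo the key itself into the log.
    ik_first=$(head -n 1 "$ik_dest")
    ik_last=$(sed '/^$/d' "$ik_dest" | tail -n 1)
    case $ik_first in
        "-----BEGIN "*"PRIVATE KEY-----") ;;
        *) rm -f "$ik_dest"; return 2 ;;
    esac
    case $ik_last in
        "-----END "*"PRIVATE KEY-----") ;;
        *) rm -f "$ik_dest"; return 2 ;;
    esac
}

demo_dir=$(mktemp -d)
if install_key "$KEY_ESCAPED" "$demo_dir/.ssh/id_rsa"; then
    echo "key installed: $(ls -l "$demo_dir/.ssh/id_rsa" | cut -c1-10)"
fi
install_key "$(dotted_expansion)" "$demo_dir/.ssh/mangled" ||
    echo "mangled value rejected (status $?)"
rm -rf "$demo_dir"
```

In a build, a non-zero status from install_key should stop the job before the ssh-add step runs.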
Reputation: 26006
You are using an encrypted private key (which is good), but it needs the passphrase (which is bad for scripting). There are several ways you can proceed:
Remove the passphrase from the key and use it unencrypted (less secure)
ssh-keygen -p -P "old_passphrase" -N "" -f ~/.ssh/id_rsa
Use the sshpass tool to unlock the key (storing the passphrase next to the key in the script basically defeats the security of the encrypted key)
sshpass -p passphrase ssh-add ~/.ssh/id_rsa
Upvotes: 0