HiveBrain v1.2.0
Get Started
← Back to all entries
patternMinor

Where does CircleCI-2.0 store the ssh private keys?

Submitted by: @import:stackexchange-devops··
0
Viewed 0 times
thewhereprivatecirclecistorekeysdoesssh

Problem

Aim

To deploy docker container using ansible using CircleCI-2.0.

Method

A private key has been created and added using the CircleCI-2.0 UI.

.circle/config.yml

version: 2
jobs:
  build:
    docker:
      - image: ubuntu:xenial
    working_directory: ~/project


Results

Running ansible results in:

Failed to connect to the host via ssh: Warning: Permanently added
Permission denied (publickey,password)


Discussion

The assumption was made that the keys would have been stored in ~/.ssh, but this seems to be empty.


Is your target host accepting this key (when tried manually)?

Yes. Log in using ssh root@host -i key succeeds.


Are you using the same user in the container?

Yes. The root user is used both manually as from the CircleCI-2.0.

Conclusion

In summary, the question is where does CircleCI-2.0 store the private keys that have been submitted using the UI? The ~/.ssh directory is empty.

Solution

I still don't get how your config.yml could launch ansible without a step part. Here is my findings, but I'm unsure it is what you're after, but that was too long for a comment.

According to the documentation here you have to add a add_ssh_keys with the fingerprint of your key as seen in the UI.

- add_ssh_keys:
    fingerprints:
      - "48:a0:87:54:ca:75:32:12:c6:9e:a2:77:a4:7a:08:a4"

Code Snippets

- add_ssh_keys:
    fingerprints:
      - "48:a0:87:54:ca:75:32:12:c6:9e:a2:77:a4:7a:08:a4"

Context

StackExchange DevOps Q#838, answer score: 5

Revisions (0)

No revisions yet.