-
Hello, I would like to use an SSH key to connect to remote hosts that is stored in the Key Store of Semaphore (like the one to connect to git).
-
Yes, you can.
-
Thank you for the answer fiftin, but can you please elaborate on how to do it? On the Template Edit form, I do not find any way to select an SSH key from the Key Store. The only thing about it is inside the "Advanced" field, but the key has to come from the file system, not the database.
-
The SSH key is set in the inventory, but it seems that Ansible won't use it for the SSH connection to the remote host. In the debug log of the task run, I have:
-
Hi @Korhm, it looks like you should specify a username for your remote server(s). You can do it via Environments: Since this is not very convenient, I added the ability to set a username in Access Key settings. It will be available in the next release:
-
@fiftin I'm having some difficulty with this as well. It seems semaphore cannot make the connection and throws the following:

However, I know the key is good because I can use it successfully from my local machine to that server. I have also copied the full SSH command semaphore uses from the debug output and run that locally using my key and it works (after removing the ControlPath option because I don't have that same temp file that semaphore generates).

SSH command from semaphore debug output

Result on remote host (success.txt file is there)

So, it seems semaphore isn't using the key correctly, or perhaps I don't have something set up correctly, but I cannot figure out what.

Full contents of inventory file

I'm fairly new to Ansible and semaphore, so my apologies if I have something misconfigured.
-
Interestingly there are a bunch of errors related to the
-
I shelled into the running container (I'm running this in docker via
I see in the job log that it automatically adds bitbucket to known hosts (though not sure where, because it doesn't exist where it's looking for the remote SSH server known host). So... why does it not auto-accept known hosts from other servers and where is there no option to get known hosts somewhere?
-
Final comment for now: I switched to a username and password credential for it under Inventory and it works. Just the SSH key doesn't.
-
I came across this issue as well, with the same error messages about the
I hope this ends up being helpful for someone out there.
-
I think either Google doesn't index these comments, or I'm just awful at googling things. I spent 5 days trying to figure this out, and since I couldn't find it mentioned anywhere I assumed it was just me doing something wrong. I tried so many useless things and it turns out it's the feature that doesn't work! Thank you all for posting this here, you've saved my sanity.
-
FWIW ... I was experiencing similar symptoms to those reported by @bverkron above, where Semaphore seemed to ignore the SSH private key that I had placed in the Semaphore Key Store. In my case this was being caused by my playbook having explicitly specified the private key file in a group variable... As soon as I removed this explicitly specified variable, Ansible Semaphore correctly used the SSH private key associated with the Inventory and retrieved it from the Key Store.
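A check for the situation described in the comment above, as an added example that is not part of the original thread and not Semaphore's own code: it scans a playbook repository for settings that pin the SSH private key path, the kind of explicit setting that comment reports removing before the Key Store key was used. The setting names are Ansible's own; the function names and the sample repository are constructed for illustration.

```python
import os
import re
import tempfile

# Ansible settings that pin the SSH private key path: the two connection
# variables (inventory, group_vars, host_vars, play vars) and the
# ansible.cfg [defaults] option.
KEY_SETTING = re.compile(
    r"\b(ansible_ssh_private_key_file|ansible_private_key_file|private_key_file)"
    r"\s*[:=]\s*[\"']?([^\s\"'#]+)"
)

def find_key_overrides(repo_root):
    """Return sorted (relative_path, line_no, setting, value) tuples."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(repo_root):
        dirnames[:] = [d for d in dirnames if d != ".git"]
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8") as fh:
                    lines = fh.read().splitlines()
            except (UnicodeDecodeError, OSError):
                continue  # binary or unreadable file
            for line_no, line in enumerate(lines, 1):
                if line.lstrip().startswith(("#", ";")):
                    continue  # commented-out setting has no effect
                match = KEY_SETTING.search(line)
                if match:
                    rel = os.path.relpath(path, repo_root)
                    hits.append((rel, line_no, match.group(1), match.group(2)))
    return sorted(hits)

def build_sample_repo(root):
    """Write a constructed sample repository (not taken from the thread)."""
    files = {
        "group_vars/all.yml": "ansible_user: deploy\n"
                              "ansible_ssh_private_key_file: ~/.ssh/id_rsa\n",
        "inventory/hosts": "[web]\nweb1 ansible_host=192.0.2.10\n",
        "ansible.cfg": "[defaults]\n# private_key_file = /old/key\n",
    }
    for rel, text in files.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(text)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_repo(tmp)
        for rel, line_no, setting, value in find_key_overrides(tmp):
            print(f"{rel}:{line_no}: {setting} = {value}")
```

Run it against a checkout of the playbook repository; any hit is a candidate for the override described above.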
-
There is another, in my opinion, better solution for that. Exec into the container and edit the .ssh/config of the user semaphore
After that change, the known_hosts file is written and everything works fine. Could also be changed in the Docker Container Build by editing the /etc/ssh/config file.
-
Any solution for that topic? I tried to set up my environment with the ideas of @BakermanLP and @wilpig, but ended up like @bverkron. User/Password is working, but SSH keys (also adding them manually like @thre-z described) won't work. Am I doing something wrong or is this feature not implemented?
-
It's 2024 and this is still a huge issue. Anyway, if you are using docker compose for your setup, modify it and mount a volume sharing the local server SSH keys
-
A year later it still doesn't work. @ssh30's solution works, but if your user ID is not 1001, copy the ssh dir to another location and run chown 1001:1001.
-
Same issue here, pulling my hair out. I tried @ssh30's fix but it did not work for me.
-
Mine too. What is the issue with it?

On Fri, Mar 22, 2024, 03:24 sigma0100 wrote:
> can't do that, playbook lives in a repo, but I get your idea
-
Running into an issue with v2.9.70 where I have a test task attempting to establish an SSH connection, but it's saying the user is none, and then attempts to ssh using the [email protected] and just fails:
@geelenbert It looks like I was able to reproduce your issue. Did you backup/restore the project?
Backups don't contain secrets. All keys are empty. Yes, it was a bad idea, I will think about how to solve it.
So, what we have as a result: SSH keys with a passphrase work out of the box; if not:
SEMAPHORE_ACCESS_KEY_ENCRYPTION: https://docs.semui.co/administration-guide/security#database-encryption.