Host key verification failed on Bitbucket Pipeline.

huangapple go评论62阅读模式
英文:

Host key verification failed on Bitbucket Pipeline

问题

I would like some help running my bitbucket pipeline ci/cd, but I am having a serious problem with the .key certificate part to access the server.
这是错误的输出:

Digest: sha256:b9111f61b5824ca7ed1cb63689a6da55ca6d6e8985eb778c36a5dfc2ffe776a8
Status: Downloaded newer image for bitbucketpipelines/scp-deploy:1.2.1
INFO: Using passed SSH_KEY...
Traceback (most recent call last):
  File "/pipe.py", line 108, in <module>
    pipe.run()
  File "/pipe.py", line 76, in run
    self.setup_ssh_config()
  File "/pipe.py", line 44, in setup_ssh_config
    f.write(base64.b64decode(ssh_key).decode())
UnicodeDecodeError: 'utf-8' codec can't decode byte 0x97 in position 42: invalid start byte

I put the .key certificate into a variable called $DO_KEY_QA, which is set by the pipeline

   --env=DOCKER_HOST="tcp://host.docker.internal:2375" \
   --env=BITBUCKET_PIPE_SHARED_STORAGE_DIR="/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes" \
   --env=BITBUCKET_PIPE_STORAGE_DIR="/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes/atlassian/scp-deploy" \
   --env=LOCAL_PATH="output-$BITBUCKET_BUILD_NUMBER.tar.gz" \
   --env=REMOTE_PATH="/opt/tmp/" \
   --env=SERVER="144.22.196.99" \
   --env=SSH_KEY="$DO_KEY_QA" \
   --env=USER="deploy" \

I already transformed the certificate to base64 (makes no sense at all) and it generates another error, but wasn't it supposed to accept the certificate normally as a string when reading?
已将.key证书放入一个名为$DO_KEY_QA的变量中,该变量由流水线设置。

英文:

I would like some help running my bitbucket pipeline ci/cd, but I am having a serious problem with the .key certificate part to access the server.

this is the output of the error:

Digest: sha256:b9111f61b5824ca7ed1cb63689a6da55ca6d6e8985eb778c36a5dfc2ffe776a8
Status: Downloaded newer image for bitbucketpipelines/scp-deploy:1.2.1
INFO: Using passed SSH_KEY...
Traceback (most recent call last):
  File "/pipe.py", line 108, in <module>
    pipe.run()
  File "/pipe.py", line 76, in run
    self.setup_ssh_config()
  File "/pipe.py", line 44, in setup_ssh_config
    f.write(base64.b64decode(ssh_key).decode())
UnicodeDecodeError: 'utf-8' codec can't decode byte 0x97 in position 42: invalid start byte

I put the .key certificate into a variable called $DO_KEY_QA, which is set by the pipeline

   --env=DOCKER_HOST="tcp://host.docker.internal:2375" \
   --env=BITBUCKET_PIPE_SHARED_STORAGE_DIR="/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes" \
   --env=BITBUCKET_PIPE_STORAGE_DIR="/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes/atlassian/scp-deploy" \
   --env=LOCAL_PATH="output-$BITBUCKET_BUILD_NUMBER.tar.gz" \
   --env=REMOTE_PATH="/opt/tmp/" \
   --env=SERVER="144.22.196.99" \
   --env=SSH_KEY="$DO_KEY_QA" \
   --env=USER="deploy" \

I already transformed the certificate to base64 (makes no sense at all) and it generates another error, but wasn't it supposed to accept the certificate normally as a string when reading?

答案1

得分: 2

当您将SSH_KEY参数传递给管道bitbucketpipelines/scp-deploy:1.2.1时,首先需要对其进行Base64编码(来源)。

这也可以从Python Traceback的最后两行中猜测出来:

    f.write(base64.b64decode(ssh_key).decode())
UnicodeDecodeError: 'utf-8' codec can't decode byte 0x97 in position 42: invalid start byte

写入id_rsa_tmp身份文件(f.write())失败,因为在将ssh_key Base64编码(!)bytes之后,在写入文件之前发生了UnicodeDecodeError错误。

UnicodeDecodeError: 'utf-8' codec can't decode byte 0x97 in position 42: invalid start byte

因此,无论您认为这是否愚蠢(实际上这相当常见),SSH_KEY的原始数据都需要进行Base64编码。

然而,为了使SSH_KEY参数能够正常工作,被Base64编码的密钥需要采用ASCII格式,否则无法解码为UTF-8。

当您以这种方式提供它(将密钥以ASCII编码的方式进行Base64编码,然后进行传输编码),它应该可以工作。

英文:

First of all to clarify: When you pass in the SSH_KEYparameter to the pipe bitbucketpipelines/scp-deploy:1.2.1, it must be base64 encoded (source).

This is also what one could a bit guess with the last two lines at the end of the Python Traceback:

    f.write(base64.b64decode(ssh_key).decode())
UnicodeDecodeError: 'utf-8' codec can't decode byte 0x97 in position 42: invalid start byte

Writing the id_rsa_tmp identity file (f.write()) fails because after base64 (!) decoding the ssh_key to bytes, the UnicodeDecodeError happens before writing to file.

> UnicodeDecodeError: 'utf-8' codec can't decode byte 0x97 in position 42: invalid start byte

Therefore, the original data needs to be base64 encoded for SSH_KEY, regardless if you think this is stupid or not (this is actually pretty common).

Nevertheless, the key that is being base64 encoded for the SSH_KEY parameter, needs to be in ASCII format as it otherwise could not be decoded as UTF-8.

When you provide it that way (key in ASCII encoding encoded as base64, the envelope encoding to transport it), it should work.

huangapple
  • 本文由 发表于 2023年5月22日 21:00:55
  • 转载请务必保留本文链接:https://go.coder-hub.com/76306472.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定