Ssh-add asking for my passphrase

here’s my custom TCI config

before_install:
  - echo -e "Host *\n\tStrictHostKeyChecking no\n" > ~/.ssh/config
  - echo -e $id_rsa.pub > ~/.ssh/id_rsa.pub
  - echo -e $id_rsa > ~/.ssh/id_rsa
  - sudo chmod 600 ~/.ssh/*
  - sudo chmod 644 ~/.ssh/config
  - eval `ssh-agent -s`

$ ssh-add ~/.ssh/id_rsa
Enter passphrase for /home/travis/.ssh/id_rsa: 

on other ssh-add step, it ask me the passphrase and it’s stop the deployment. I have tested with an other ssh key without passphrase but it don’t fix my issue at all.

I have tested lot of solution like $MY_PASSWORD | ssh-add ~/.ssh/id_rsa or echo "$MY_PASSWORD" | ssh-add ~/.ssh/id_rsa but it don’t works.

I have added to my .ssh/config (you can see it in my config):

Host *
    StrictHostKeyChecking no

isn’t it supposed to make it don’t ask me the passphrase ? have also used travis whatsup to confirm some things, and it checks out…

SU

You’re using an encrypted private key (which is good), but it needs the passphrase (which is bad for scripting specifically). There are several possibilities that will allow you to proceed without a failing build.

  • Remove the passphrase from the key and use it unencrypted (less secure):
ssh-keygen -p -P "old_passphrase" -N "" -f ~/.ssh/id_rsa

Then grep it, to make sure it’s gone.

  • Use sshpass tool to unlock the key (storing the passphrase next to the key in the script basically defeats the security purposes of encrypted key in the env var):
sshpass -p passphrase ssh-add ~/.ssh/id_rsa

I would look a little closer at your .travis.yml file too, it’s an easy fix. The logic can be a little complicated though. I hope one of these suggestions work.

1 Like
Imprint