SSH deployment to a remote server fails with "Host key verification failed" in GitHub Actions

Question  Votes: 0  Answers: 1

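I am trying to deploy a Ruby on Rails application to a remote Windows server over SSH using FTP.

My GitHub Actions pipeline uses SSH to connect to the remote server to perform some deployment tasks. However, the deployment fails with the following error: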

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending DSA key in /root/.ssh/known_hosts:4
  remove with:
  ssh-keygen -f "/root/.ssh/known_hosts" -R "github.com"
Host key for github.com has changed and you have requested strict checking.
Host key verification failed.
Error: Process completed with exit code 255.

GitHub Actions workflow

Here is the relevant part of my GitHub Actions workflow:

name: Deploy to Backend - Staging

on:
  pull_request:
    types: [closed]
    branches:
      - staging

jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest
    if: github.event.pull_request.merged == true
    environment:
      name: 'Staging'
    container:
      image: node:18.17.1

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup SSH Agent
        uses: webfactory/[email protected]
        with:
          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}

      - name: Ensure SSH Directory Exists
        run: mkdir -p ~/.ssh

      - name: Initialize Known Hosts File
        run: touch ~/.ssh/known_hosts

      - name: Remove Old Known Hosts Entry
        run: ssh-keygen -f "~/.ssh/known_hosts" -R "github.com" || true

      - name: Add GitHub to Known Hosts
        run: ssh-keyscan -H github.com >> ~/.ssh/known_hosts

      - name: Test SSH Connection to GitHub
        run: ssh -T [email protected]

      - name: Debug Directory Contents
        run: |
          echo "Current directory: $(pwd)"
          echo "Directory contents:"
          ls -la
          echo "web.config files:"
          find . -name "web.config*"

      - name: Create ENV file and move web.config
        run: |
          echo "RAILS_MASTER_KEY=${{ secrets.RAILS_MASTER_KEY }}" >> ./.env
          echo "IMP_API_DATABASE_USERNAME=${{ secrets.IMP_API_DATABASE_USERNAME }}" >> ./.env
          echo "IMP_API_DATABASE_PASSWORD=${{ secrets.IMP_API_DATABASE_PASSWORD }}" >> ./.env 
          echo "IMP_DATABASE_HOST=${{ secrets.IMP_DATABASE_HOST }}" >> ./.env
          echo "web.config.${{ github.ref_name }} moved successfully"

      - name: Test SSH Connection
        run: |
          ssh -vvv ${{ secrets.FTP_USERNAME }}@${{ secrets.FTP_HOST }} -p 1556 "echo 'SSH Connection Successful'"

      - name: Check Server Connectivity
        run: ping -c 4 ${{ secrets.FTP_HOST }}

#      - name: Remove old files
#        uses: appleboy/[email protected]
#        with:
#          host: ${{ secrets.FTP_HOST }}
#          username: ${{ secrets.FTP_USERNAME }}
#          key: ${{ secrets.SSH_PRIVATE_KEY }}
#          port: 1556
#          script: |
#            rm -rf ${{ secrets.FTP_PATH }}/${{ secrets.APP_PATH }}/upload

#      - name: Deploy via FTP
#        uses: SamKirkland/[email protected]
#        with:
#          server: ${{ secrets.FTP_HOST }}
#          username: ${{ secrets.FTP_USERNAME }}
#          password: ${{ secrets.FTP_PASSWORD }}
#          local-dir: ./
#          server-dir: ${{ secrets.APP_PATH }}/upload/
#          exclude: |
#            .bitbucket/**
#            .docker/**
#            .git/**
#            db/dw/**
#            db/dw/data/**

#      - name: Execute remote script
#        uses: appleboy/[email protected]
#        with:
#          host: ${{ secrets.FTP_HOST }}
#          username: ${{ secrets.FTP_USERNAME }}
#          key: ${{ secrets.SSH_PRIVATE_KEY }}
#          port: 1556
#          script: |
#            mv ${{ secrets.FTP_PATH }}/${{ secrets.APP_PATH }}/upload/bin/build-remote.sh ${{ secrets.FTP_PATH }}/${{ secrets.APP_PATH }}/build-remote.sh && ${{ secrets.FTP_PATH }}/${{ secrets.APP_PATH }}/build-remote.sh ${{ secrets.FTP_PATH }}/${{ secrets.APP_PATH }} ${{ secrets.IIS_SITE_NAME }} ${{ github.ref_name }}

      - name: Deployment Completed
        run: echo "Deployment to FTP finished"

More logs:

Run touch ~/.ssh/known_hosts
touch ~/.ssh/known_hosts
shell: sh -e {0}
env:
  SSH_AUTH_SOCK: /tmp/ssh-XXXXXX6UNzfU/agent.128
  SSH_AGENT_PID: 129
Run ssh-keygen -f "~/.ssh/known_hosts" -R "github.com" || true
Cannot stat ~/.ssh/known_hosts: No such file or directory
Run ssh-keyscan -H github.com >> ~/.ssh/known_hosts
# github.com:22 SSH-2.0-babeld-49dcf83c5
# github.com:22 SSH-2.0-babeld-49dcf83c5
# github.com:22 SSH-2.0-babeld-49dcf83c5
# github.com:22 SSH-2.0-babeld-49dcf83c5
# github.com:22 SSH-2.0-babeld-49dcf83c5
Run ssh -T [email protected]
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending DSA key in /root/.ssh/known_hosts:4
Host key for github.com has changed and you have requested strict checking.
Host key verification failed.
Error: Process completed with exit code 255.
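
  1. How can I fix the "Host key verification failed" problem and securely verify SSH host keys during deployment?

  2. Is there a better way to manage SSH host key changes for GitHub Actions?

  3. Added GitHub's SSH key: used ssh-keyscan -H github.com >> ~/.ssh/known_hosts to add GitHub's SSH key to the known_hosts file.

  4. Verified the SSH agent setup: the webfactory/ssh-agent step correctly adds the private key from GitHub Secrets.

  5. I created public and private keys from my laptop and placed them under authorized_keys in the .ssh folder of the FTP user on the remote server. The remote server is a Windows server. I need to deploy my code there.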

github ssh ftp continuous-integration github-actions
1 answer
0 votes

This error is simply because your system still has the old host key stored, or OS permissions. Try the following changes:

  - name: Remove Old Known Hosts Entry
    run: ssh-keygen -f "/root/.ssh/known_hosts" -R "github.com" || true

  - name: Add GitHub to Known Hosts
    run: ssh-keyscan -H github.com >> ~/.ssh/known_hosts

  - name: Ensure Correct SSH Permissions
    run: |
      chmod 700 ~/.ssh
      chmod 600 ~/.ssh/known_hosts

Specify root instead of ~ and add the permissions.

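The error you received, with exit code 255, usually refers to problems with:

  • SSH keys and credentials.
  • Availability of the remote server.
  • Network configuration such as firewalls.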
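
An added example (not part of the original question or answer): `ssh-keyscan` output is whatever the network returned, so this Python code checks each scanned key's SHA256 fingerprint against a pin obtained out of band (for GitHub, the fingerprints it publishes in its documentation) before the line may be appended to known_hosts, and it also matches the hashed host fields that `-H` produces. The function names, `example.test` and the sample key are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Constructed sample (not a real host key): ssh-ed25519 blob with 32 zero bytes.
SAMPLE_KEY = base64.b64encode(
    b"\x00\x00\x00\x0bssh-ed25519" + b"\x00\x00\x00\x20" + bytes(32)).decode()
SAMPLE_SCAN = ("# example.test:22 SSH-2.0-constructed\n"
               f"example.test ssh-ed25519 {SAMPLE_KEY}\n")


def fingerprint(key_b64: str) -> str:
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_matches(field: str, host: str) -> bool:
    """Match a known_hosts host field, plain or hashed (|1|salt|HMAC-SHA1)."""
    if field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(),
                       hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in field.split(",")


def accept_pinned(scan_output: str, host: str, pins: dict) -> list:
    """Return the scanned lines whose key matches the pin for its key type.

    Raises ValueError on a mismatch, or when no pinned key type was offered,
    so the CI step fails closed instead of trusting the scan result.
    """
    accepted = []
    for line in scan_output.splitlines():
        parts = line.split()
        if line.startswith("#") or len(parts) < 3:
            continue  # keyscan banner comments and blank lines
        field, key_type, key_b64 = parts[:3]
        if not host_matches(field, host) or key_type not in pins:
            continue  # another host, or a key type that was never pinned
        if fingerprint(key_b64) != pins[key_type]:
            raise ValueError(f"{host}: {key_type} host key does not match the pin")
        accepted.append(line)
    if not accepted:
        raise ValueError(f"{host}: no pinned host key in scan output")
    return accepted
```

For a server on a non-default port such as 1556, known_hosts stores the host as `[host]:1556`, so pass that form as `host`.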