Host Key Verification Failed (bitbucket)

[spaquet]

I have a package hosted in a private bitbucket repository and I'm using your script the following way:
- name: Install SSH key uses: shimataro/ssh-key-action@v2 with: key: ${{ secrets.BITBUCKET_ACCESS_KEY }} known_hosts: ${{ secrets.KNOWN_HOSTS }}

and KNOWN_HOST value is:
bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==

However, yarn install always fails with "Host Key Verification Failed".

(I went reading #56 but still the same)

[shimataro]

Hi @spaquet

Hmm... 🤔
KNOWN_HOST seems to be no problem.

Could you paste entire workflow file and error log?

[spaquet]

Here is the workflow file:

# This is a basic workflow to help you get started with Actions

name: CI

# Controls when the action will run. Triggers the workflow on push or pull request
# events but only for the master branch
on:
  push:
    branches: [ develop ]
  pull_request:
    branches: [ develop ]

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  # This workflow contains a single job called "build"
  build:
    name: Build Test Frontend
    # The type of runner that the job will run on
    runs-on: ubuntu-latest

    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
    - uses: actions/checkout@v2
    - uses: actions/setup-node@v1
      with:
        node-version: '12.x'

    # Add ssh key to access Bitbucket
    - name: Install SSH key
      uses: shimataro/ssh-key-action@v2
      with:
        key: ${{ secrets.BITBUCKET_CHAT }} # your private key
        known_hosts: ${{ secrets.KNOWN_HOSTS }}

    # Testing
    - run: yarn install
    - run: yarn lint
    - run: yarn build

[spaquet]

But looks like it went through this morning.
I will confirm on Monday as I'm not going to receive new PR this week-end.

[spaquet]

Nope, might have been a UI glitch on Friday.
Got the following error this morning:

[shimataro]

🤔
Let me ask you some questions.

1. Are you sure that secret name is KNOWN_HOSTS? (in Host Key Verification Failed (bitbucket) #142 (comment), you wrote "and KNOWN_HOST value is". is this just a typo?)
2. yarn install on your local computer successes?
3. Could you insert ssh -vvv [email protected] command before yarn install step and paste the output?
4. Coud you insert git clone [email protected]:tpilio/tocca-chat.git command before yarn install step and paste the output?

[spaquet]

1. See below
2. Yes no issue at all.
3. Yes, I will do it so that we have this output as part of the next PR
4. Yes, I will do it so that we have this output as part of the next PR

answer to your question #1: the value I have in secret.KNOWN_HOSTS is the following:
bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==

I extracted this value using the following command ssh-keyscan -t rsa bitbucket.org

[retrorocket]

@shimataro
英語不得手なので日本語ですいません。当方bitbucketを使っており、気になりましたので横から失礼いたします。
以下のワークフローとknown_hostsを設定しましたが、本issueの挙動を再現できませんでした。
known_hostsの取得方法についてはbitbucketの公式ドキュメントを参照しています。

workflow

# This is a basic workflow to help you get started with Actions

name: CI

# Controls when the action will run. Triggers the workflow on push or pull request
# events but only for the master branch
on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  # This workflow contains a single job called "build"
  build:
    name: Test Bitbucket Clone
    # The type of runner that the job will run on
    runs-on: ubuntu-latest

    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
    - uses: actions/checkout@v2

    # Add ssh key to access Bitbucket
    - name: Install SSH key
      uses: shimataro/ssh-key-action@v2
      with:
        key: ${{ secrets.BITBUCKET_CHAT }} # your private key
        known_hosts: ${{ secrets.KNOWN_HOSTS }}
    - run: git clone [email protected]:xxxretrorocketxxx/test-bucket.git ; echo `cat ~/.ssh/known_hosts`
    - run: echo `cat ./test-bucket/README.md`

known_hosts

Configure SSH and two-step verification | Bitbucket Cloud | Atlassian Support

bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==

実行結果

known_hostsに余計な文字を入れている等しか思いつかないです。
お役に立てず申し訳ないです…。

[spaquet]

I'm actually using an Access Key (Read Only) as this information has to be shared with external providers and services. But that should not affect the KNOWN_HOSTS.

Logs for ssh -vvv [email protected] seems to be ok (see below)

020-06-23T14:14:10.4296091Z ##[group]Run ssh -vvv [email protected]
2020-06-23T14:14:10.4296690Z �[36;1mssh -vvv [email protected]�[0m
2020-06-23T14:14:10.4335353Z shell: /bin/bash -e {0}
2020-06-23T14:14:10.4335834Z ##[endgroup]
2020-06-23T14:14:10.5228213Z OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
2020-06-23T14:14:10.5336076Z debug1: Reading configuration data /home/runner/.ssh/config
2020-06-23T14:14:10.5337319Z debug1: Reading configuration data /etc/ssh/ssh_config
2020-06-23T14:14:10.5432378Z debug1: /etc/ssh/ssh_config line 19: Applying options for *
2020-06-23T14:14:10.5438243Z Pseudo-terminal will not be allocated because stdin is not a terminal.
2020-06-23T14:14:10.5438951Z debug2: resolving "bitbucket.org" port 22
2020-06-23T14:14:10.5466516Z debug2: ssh_connect_direct: needpriv 0
2020-06-23T14:14:10.5467241Z debug1: Connecting to bitbucket.org [18.205.93.2] port 22.
2020-06-23T14:14:10.5531146Z debug1: Connection established.
2020-06-23T14:14:10.5533458Z debug1: key_load_public: No such file or directory
2020-06-23T14:14:10.5534921Z debug1: identity file /home/runner/.ssh/id_rsa type -1
2020-06-23T14:14:10.5535576Z debug1: key_load_public: No such file or directory
2020-06-23T14:14:10.5536411Z debug1: identity file /home/runner/.ssh/id_rsa-cert type -1
2020-06-23T14:14:10.5538671Z debug1: key_load_public: No such file or directory
2020-06-23T14:14:10.5539598Z debug1: identity file /home/runner/.ssh/id_dsa type -1
2020-06-23T14:14:10.5540258Z debug1: key_load_public: No such file or directory
2020-06-23T14:14:10.5542307Z debug1: identity file /home/runner/.ssh/id_dsa-cert type -1
2020-06-23T14:14:10.5545050Z debug1: key_load_public: No such file or directory
2020-06-23T14:14:10.5546043Z debug1: identity file /home/runner/.ssh/id_ecdsa type -1
2020-06-23T14:14:10.5546700Z debug1: key_load_public: No such file or directory
2020-06-23T14:14:10.5547518Z debug1: identity file /home/runner/.ssh/id_ecdsa-cert type -1
2020-06-23T14:14:10.5548182Z debug1: key_load_public: No such file or directory
2020-06-23T14:14:10.5549005Z debug1: identity file /home/runner/.ssh/id_ed25519 type -1
2020-06-23T14:14:10.5549651Z debug1: key_load_public: No such file or directory
2020-06-23T14:14:10.5550475Z debug1: identity file /home/runner/.ssh/id_ed25519-cert type -1
2020-06-23T14:14:10.5551437Z debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
2020-06-23T14:14:10.5620271Z debug1: Remote protocol version 2.0, remote software version conker_51a1cf6f2c app-191
2020-06-23T14:14:10.5621474Z debug1: no match: conker_51a1cf6f2c app-191
2020-06-23T14:14:10.5622060Z debug2: fd 3 setting O_NONBLOCK
2020-06-23T14:14:10.5622838Z debug1: Authenticating to bitbucket.org:22 as 'git'
2020-06-23T14:14:10.5623528Z debug3: hostkeys_foreach: reading file "/home/runner/.ssh/known_hosts"
2020-06-23T14:14:10.5624742Z debug3: record_hostkey: found key type RSA in file /home/runner/.ssh/known_hosts:3
2020-06-23T14:14:10.5625439Z debug3: load_hostkeys: loaded 1 keys from bitbucket.org
2020-06-23T14:14:10.5626154Z debug3: hostkeys_foreach: reading file "/etc/ssh/ssh_known_hosts"
2020-06-23T14:14:10.5714645Z debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa
2020-06-23T14:14:10.5715401Z debug3: send packet: type 20
2020-06-23T14:14:10.5715955Z debug1: SSH2_MSG_KEXINIT sent
2020-06-23T14:14:10.5716511Z debug3: receive packet: type 20
2020-06-23T14:14:10.5717062Z debug1: SSH2_MSG_KEXINIT received
2020-06-23T14:14:10.5717648Z debug2: local client KEXINIT proposal
2020-06-23T14:14:10.5719561Z debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
2020-06-23T14:14:10.5721897Z debug2: host key algorithms: [email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa,[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
2020-06-23T14:14:10.5723358Z debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
2020-06-23T14:14:10.5724590Z debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
2020-06-23T14:14:10.5726187Z debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
2020-06-23T14:14:10.5727849Z debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
2020-06-23T14:14:10.5728665Z debug2: compression ctos: none,[email protected],zlib
2020-06-23T14:14:10.5729368Z debug2: compression stoc: none,[email protected],zlib
2020-06-23T14:14:10.5729953Z debug2: languages ctos: 
2020-06-23T14:14:10.5730483Z debug2: languages stoc: 
2020-06-23T14:14:10.5731020Z debug2: first_kex_follows 0 
2020-06-23T14:14:10.5731563Z debug2: reserved 0 
2020-06-23T14:14:10.5732120Z debug2: peer server KEXINIT proposal
2020-06-23T14:14:10.5735124Z debug2: KEX algorithms: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
2020-06-23T14:14:10.5736102Z debug2: host key algorithms: ssh-dss,ssh-rsa
2020-06-23T14:14:10.5737247Z debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],arcfour256,arcfour128
2020-06-23T14:14:10.5738470Z debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],arcfour256,arcfour128
2020-06-23T14:14:10.5739525Z debug2: MACs ctos: [email protected],hmac-sha2-256,hmac-sha1,hmac-sha1-96
2020-06-23T14:14:10.5740548Z debug2: MACs stoc: [email protected],hmac-sha2-256,hmac-sha1,hmac-sha1-96
2020-06-23T14:14:10.5741194Z debug2: compression ctos: none
2020-06-23T14:14:10.5741735Z debug2: compression stoc: none
2020-06-23T14:14:10.5742257Z debug2: languages ctos: 
2020-06-23T14:14:10.5743383Z debug2: languages stoc: 
2020-06-23T14:14:10.5744218Z debug2: first_kex_follows 0 
2020-06-23T14:14:10.5744743Z debug2: reserved 0 
2020-06-23T14:14:10.5745574Z debug1: kex: algorithm: [email protected]
2020-06-23T14:14:10.5746372Z debug1: kex: host key algorithm: ssh-rsa
2020-06-23T14:14:10.5747368Z debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
2020-06-23T14:14:10.5748442Z debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
2020-06-23T14:14:10.5749189Z debug3: send packet: type 30
2020-06-23T14:14:10.5749766Z debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
2020-06-23T14:14:10.6324719Z debug3: receive packet: type 31
2020-06-23T14:14:10.6326359Z debug1: Server host key: ssh-rsa SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A
2020-06-23T14:14:10.6327315Z debug3: hostkeys_foreach: reading file "/home/runner/.ssh/known_hosts"
2020-06-23T14:14:10.6328266Z debug3: record_hostkey: found key type RSA in file /home/runner/.ssh/known_hosts:3
2020-06-23T14:14:10.6329153Z debug3: load_hostkeys: loaded 1 keys from bitbucket.org
2020-06-23T14:14:10.6330004Z debug3: hostkeys_foreach: reading file "/etc/ssh/ssh_known_hosts"
2020-06-23T14:14:10.6330896Z debug3: hostkeys_foreach: reading file "/home/runner/.ssh/known_hosts"
2020-06-23T14:14:10.6331769Z debug3: hostkeys_foreach: reading file "/etc/ssh/ssh_known_hosts"
2020-06-23T14:14:10.6332930Z debug1: Host 'bitbucket.org' is known and matches the RSA host key.
2020-06-23T14:14:10.6334261Z debug1: Found key in /home/runner/.ssh/known_hosts:3
2020-06-23T14:14:10.6335621Z Warning: Permanently added the RSA host key for IP address '18.205.93.2' to the list of known hosts.
2020-06-23T14:14:10.6349419Z debug3: send packet: type 21
2020-06-23T14:14:10.6350159Z debug2: set_newkeys: mode 1
2020-06-23T14:14:10.6350846Z debug1: rekey after 134217728 blocks
2020-06-23T14:14:10.6351545Z debug1: SSH2_MSG_NEWKEYS sent
2020-06-23T14:14:10.6352211Z debug1: expecting SSH2_MSG_NEWKEYS
2020-06-23T14:14:10.6352914Z debug3: receive packet: type 21
2020-06-23T14:14:10.6353598Z debug1: SSH2_MSG_NEWKEYS received
2020-06-23T14:14:10.6354277Z debug2: set_newkeys: mode 0
2020-06-23T14:14:10.6354947Z debug1: rekey after 134217728 blocks
2020-06-23T14:14:10.6355710Z debug2: key: /home/runner/.ssh/id_rsa ((nil))
2020-06-23T14:14:10.6356476Z debug2: key: /home/runner/.ssh/id_dsa ((nil))
2020-06-23T14:14:10.6357253Z debug2: key: /home/runner/.ssh/id_ecdsa ((nil))
2020-06-23T14:14:10.6358029Z debug2: key: /home/runner/.ssh/id_ed25519 ((nil))
2020-06-23T14:14:10.6358734Z debug3: send packet: type 5
2020-06-23T14:14:10.6897616Z debug3: receive packet: type 6
2020-06-23T14:14:10.6898901Z debug2: service_accept: ssh-userauth
2020-06-23T14:14:10.6899497Z debug1: SSH2_MSG_SERVICE_ACCEPT received
2020-06-23T14:14:10.6900067Z debug3: send packet: type 50
2020-06-23T14:14:10.6981136Z debug3: receive packet: type 51
2020-06-23T14:14:10.6981900Z debug1: Authentications that can continue: publickey
2020-06-23T14:14:10.6982702Z debug3: start over, passed a different list publickey
2020-06-23T14:14:10.6984411Z debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
2020-06-23T14:14:10.6985250Z debug3: authmethod_lookup publickey
2020-06-23T14:14:10.6986252Z debug3: remaining preferred: keyboard-interactive,password
2020-06-23T14:14:10.6987011Z debug3: authmethod_is_enabled publickey
2020-06-23T14:14:10.6987752Z debug1: Next authentication method: publickey
2020-06-23T14:14:10.6988525Z debug1: Trying private key: /home/runner/.ssh/id_rsa
2020-06-23T14:14:10.6992546Z debug3: sign_and_send_pubkey: RSA SHA256:ZaxLcJE1fbfN3Vun0peksHReV5gYDRlfUgUiIRzK3u4
2020-06-23T14:14:10.7018614Z debug3: send packet: type 50
2020-06-23T14:14:10.7019270Z debug2: we sent a publickey packet, wait for reply
2020-06-23T14:14:10.9642159Z debug3: receive packet: type 52
2020-06-23T14:14:10.9644977Z debug1: Authentication succeeded (publickey).
2020-06-23T14:14:10.9647641Z Authenticated to bitbucket.org ([18.205.93.2]:22).
2020-06-23T14:14:10.9650876Z debug2: fd 4 setting O_NONBLOCK
2020-06-23T14:14:10.9654622Z debug2: fd 5 setting O_NONBLOCK
2020-06-23T14:14:10.9656694Z debug2: fd 6 setting O_NONBLOCK
2020-06-23T14:14:10.9659432Z debug1: channel 0: new [client-session]
2020-06-23T14:14:10.9661459Z debug3: ssh_session2_open: channel_new: 0
2020-06-23T14:14:10.9663417Z debug2: channel 0: send open
2020-06-23T14:14:10.9665579Z debug3: send packet: type 90
2020-06-23T14:14:10.9667573Z debug1: Entering interactive session.
2020-06-23T14:14:10.9669673Z debug1: pledge: network
2020-06-23T14:14:10.9748076Z debug3: receive packet: type 91
2020-06-23T14:14:10.9749029Z debug2: channel_input_open_confirmation: channel 0: callback start
2020-06-23T14:14:10.9749692Z debug2: fd 3 setting TCP_NODELAY
2020-06-23T14:14:10.9750318Z debug3: ssh_packet_set_tos: set IP_TOS 0x08
2020-06-23T14:14:10.9750901Z debug2: client_session2_setup: id 0
2020-06-23T14:14:10.9751452Z debug1: Sending environment.
2020-06-23T14:14:10.9752010Z debug3: Ignored env LEIN_HOME
2020-06-23T14:14:10.9752546Z debug3: Ignored env M2_HOME
2020-06-23T14:14:10.9753106Z debug3: Ignored env GOROOT_1_11_X64
2020-06-23T14:14:10.9754108Z debug3: Ignored env ANDROID_HOME
2020-06-23T14:14:10.9755002Z debug3: Ignored env JAVA_HOME_11_X64
2020-06-23T14:14:10.9755570Z debug3: Ignored env ImageVersion
2020-06-23T14:14:10.9756142Z debug3: Ignored env AGENT_TOOLSDIRECTORY
2020-06-23T14:14:10.9757548Z debug1: Sending env LANG = C.UTF-8
2020-06-23T14:14:10.9758161Z debug2: channel 0: request env confirm 0
2020-06-23T14:14:10.9758954Z debug3: send packet: type 98
2020-06-23T14:14:10.9759517Z debug3: Ignored env AZURE_EXTENSION_DIR
2020-06-23T14:14:10.9760303Z debug3: Ignored env POWERSHELL_DISTRIBUTION_CHANNEL
2020-06-23T14:14:10.9760927Z debug3: Ignored env GITHUB_API_URL
2020-06-23T14:14:10.9761490Z debug3: Ignored env INVOCATION_ID
2020-06-23T14:14:10.9762061Z debug3: Ignored env BOOST_ROOT_1_72_0
2020-06-23T14:14:10.9762639Z debug3: Ignored env JAVA_HOME_12_X64
2020-06-23T14:14:10.9763223Z debug3: Ignored env ANDROID_SDK_ROOT
2020-06-23T14:14:10.9763807Z debug3: Ignored env RUNNER_TOOL_CACHE
2020-06-23T14:14:10.9764365Z debug3: Ignored env SWIFT_PATH
2020-06-23T14:14:10.9764896Z debug3: Ignored env JAVA_HOME
2020-06-23T14:14:10.9765477Z debug3: Ignored env RUNNER_TRACKING_ID
2020-06-23T14:14:10.9766079Z debug3: Ignored env GITHUB_REPOSITORY_OWNER
2020-06-23T14:14:10.9766658Z debug3: Ignored env GITHUB_ACTIONS
2020-06-23T14:14:10.9767287Z debug3: Ignored env DOTNET_SKIP_FIRST_TIME_EXPERIENCE
2020-06-23T14:14:10.9767858Z debug3: Ignored env CI
2020-06-23T14:14:10.9768401Z debug3: Ignored env DOTNET_NOLOGO
2020-06-23T14:14:10.9768947Z debug3: Ignored env USER
2020-06-23T14:14:10.9769599Z debug3: Ignored env GITHUB_HEAD_REF
2020-06-23T14:14:10.9770124Z debug3: Ignored env GITHUB_ACTOR
2020-06-23T14:14:10.9770644Z debug3: Ignored env GITHUB_ACTION
2020-06-23T14:14:10.9771159Z debug3: Ignored env GRADLE_HOME
2020-06-23T14:14:10.9771667Z debug3: Ignored env PWD
2020-06-23T14:14:10.9772161Z debug3: Ignored env ImageOS
2020-06-23T14:14:10.9772653Z debug3: Ignored env HOME
2020-06-23T14:14:10.9773145Z debug3: Ignored env GOROOT
2020-06-23T14:14:10.9774039Z debug3: Ignored env JOURNAL_STREAM
2020-06-23T14:14:10.9774818Z debug3: Ignored env GOROOT_1_14_X64
2020-06-23T14:14:10.9775362Z debug3: Ignored env JAVA_HOME_8_X64
2020-06-23T14:14:10.9775887Z debug3: Ignored env RUNNER_TEMP
2020-06-23T14:14:10.9776576Z debug3: Ignored env CONDA
2020-06-23T14:14:10.9777125Z debug3: Ignored env GOROOT_1_13_X64
2020-06-23T14:14:10.9777696Z debug3: Ignored env BOOST_ROOT_1_69_0
2020-06-23T14:14:10.9778272Z debug3: Ignored env DEBIAN_FRONTEND
2020-06-23T14:14:10.9778852Z debug3: Ignored env RUNNER_WORKSPACE
2020-06-23T14:14:10.9779407Z debug3: Ignored env GITHUB_REF
2020-06-23T14:14:10.9779945Z debug3: Ignored env GITHUB_SHA
2020-06-23T14:14:10.9780483Z debug3: Ignored env GITHUB_RUN_ID
2020-06-23T14:14:10.9781067Z debug3: Ignored env GITHUB_SERVER_URL
2020-06-23T14:14:10.9781638Z debug3: Ignored env GOROOT_1_12_X64
2020-06-23T14:14:10.9782203Z debug3: Ignored env GECKOWEBDRIVER
2020-06-23T14:14:10.9782927Z debug3: Ignored env DEPLOYMENT_BASEPATH
2020-06-23T14:14:10.9783529Z debug3: Ignored env GITHUB_EVENT_PATH
2020-06-23T14:14:10.9784213Z debug3: Ignored env CHROMEWEBDRIVER
2020-06-23T14:14:10.9784793Z debug3: Ignored env HOMEBREW_REPOSITORY
2020-06-23T14:14:10.9785372Z debug3: Ignored env GITHUB_GRAPHQL_URL
2020-06-23T14:14:10.9785953Z debug3: Ignored env RUNNER_OS
2020-06-23T14:14:10.9786508Z debug3: Ignored env GITHUB_BASE_REF
2020-06-23T14:14:10.9787097Z debug3: Ignored env VCPKG_INSTALLATION_ROOT
2020-06-23T14:14:10.9787701Z debug3: Ignored env GITHUB_JOB
2020-06-23T14:14:10.9788292Z debug3: Ignored env PERFLOG_LOCATION_SETTING
2020-06-23T14:14:10.9788881Z debug3: Ignored env JAVA_HOME_7_X64
2020-06-23T14:14:10.9789446Z debug3: Ignored env RUNNER_USER
2020-06-23T14:14:10.9789972Z debug3: Ignored env SHLVL
2020-06-23T14:14:10.9790542Z debug3: Ignored env HOMEBREW_PREFIX
2020-06-23T14:14:10.9791120Z debug3: Ignored env GITHUB_REPOSITORY
2020-06-23T14:14:10.9791708Z debug3: Ignored env GITHUB_EVENT_NAME
2020-06-23T14:14:10.9792270Z debug3: Ignored env LEIN_JAR
2020-06-23T14:14:10.9792837Z debug3: Ignored env GITHUB_RUN_NUMBER
2020-06-23T14:14:10.9793397Z debug3: Ignored env RUNNER_PERFLOG
2020-06-23T14:14:10.9794079Z debug3: Ignored env GITHUB_WORKFLOW
2020-06-23T14:14:10.9794979Z debug3: Ignored env ANT_HOME
2020-06-23T14:14:10.9795554Z debug3: Ignored env PATH
2020-06-23T14:14:10.9796107Z debug3: Ignored env SELENIUM_JAR_PATH
2020-06-23T14:14:10.9796799Z debug3: Ignored env GITHUB_WORKSPACE
2020-06-23T14:14:10.9797373Z debug3: Ignored env CHROME_BIN
2020-06-23T14:14:10.9797937Z debug3: Ignored env HOMEBREW_CELLAR
2020-06-23T14:14:10.9798477Z debug3: Ignored env _
2020-06-23T14:14:10.9799037Z debug2: channel 0: request shell confirm 1
2020-06-23T14:14:10.9799608Z debug3: send packet: type 98
2020-06-23T14:14:10.9800245Z debug2: channel_input_open_confirmation: channel 0: callback done
2020-06-23T14:14:10.9800957Z debug2: channel 0: open confirm rwindow 2097152 rmax 32768
2020-06-23T14:14:10.9801579Z debug2: channel 0: read<=0 rfd 4 len 0
2020-06-23T14:14:10.9802143Z debug2: channel 0: read failed
2020-06-23T14:14:10.9802701Z debug2: channel 0: close_read
2020-06-23T14:14:10.9803633Z debug2: channel 0: input open -> drain
2020-06-23T14:14:10.9804203Z debug2: channel 0: ibuf empty
2020-06-23T14:14:10.9804828Z debug2: channel 0: send eof
2020-06-23T14:14:10.9805447Z debug3: send packet: type 96
2020-06-23T14:14:10.9806538Z debug2: channel 0: input drain -> closed
2020-06-23T14:14:10.9817347Z debug3: receive packet: type 99
2020-06-23T14:14:10.9818978Z debug2: channel_input_status_confirm: type 99 id 0
2020-06-23T14:14:10.9819622Z debug2: shell request accepted on channel 0
2020-06-23T14:14:14.7730606Z debug3: receive packet: type 98
2020-06-23T14:14:14.7731831Z authenticated via a deploy key.
2020-06-23T14:14:14.7735575Z debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
2020-06-23T14:14:14.7736269Z 
2020-06-23T14:14:14.7747013Z debug3: receive packet: type 96
2020-06-23T14:14:14.7747669Z debug2: channel 0: rcvd eof
2020-06-23T14:14:14.7748738Z debug2: channel 0: output open -> drain
2020-06-23T14:14:14.7749395Z debug3: receive packet: type 97
2020-06-23T14:14:14.7750041Z debug2: channel 0: rcvd close
2020-06-23T14:14:14.7750678Z debug3: channel 0: will not send data after close
2020-06-23T14:14:14.7751352Z debug3: channel 0: will not send data after close
2020-06-23T14:14:14.7752000Z debug2: channel 0: obuf empty
2020-06-23T14:14:14.7752595Z debug2: channel 0: close_write
2020-06-23T14:14:14.7753414Z debug2: channel 0: output drain -> closed
2020-06-23T14:14:14.7754189Z debug2: channel 0: almost dead
2020-06-23T14:14:14.7754771Z debug2: channel 0: gc: notify user
2020-06-23T14:14:14.7755371Z debug2: channel 0: gc: user detached
2020-06-23T14:14:14.7755946Z debug2: channel 0: send close
2020-06-23T14:14:14.7756495Z debug3: send packet: type 97
2020-06-23T14:14:14.7757032Z debug2: channel 0: is dead
2020-06-23T14:14:14.7757599Z debug2: channel 0: garbage collecting
2020-06-23T14:14:14.7758631Z debug1: channel 0: free: client-session, nchannels 1
2020-06-23T14:14:14.7759314Z debug3: channel 0: status: The following connections are open:
2020-06-23T14:14:14.7760111Z   #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
2020-06-23T14:14:14.7760434Z 
2020-06-23T14:14:14.7760959Z debug3: send packet: type 1
2020-06-23T14:14:14.7761509Z debug1: fd 0 clearing O_NONBLOCK
2020-06-23T14:14:14.7762090Z debug1: fd 1 clearing O_NONBLOCK
2020-06-23T14:14:14.7762655Z debug1: fd 2 clearing O_NONBLOCK
2020-06-23T14:14:14.7763265Z Transferred: sent 2564, received 1620 bytes, in 3.8 seconds
2020-06-23T14:14:14.7763912Z Bytes per second: sent 673.7, received 425.7
2020-06-23T14:14:14.7764542Z debug1: Exit status 0
2020-06-23T14:14:14.7765215Z You can use git or hg to connect to Bitbucket. Shell access is disabled.
2020-06-23T14:14:14.7765590Z 
2020-06-23T14:14:14.7766191Z This deploy key has read access to the following repositories:
2020-06-23T14:14:14.7766952Z tpilio/tocca-chat

[spaquet]

But logs for git clone [email protected]:tpilio/tocca-chat.git fails with the same "Host key verification failed." (see logs below)

It's like git does not use the KNOWN_HOST.

020-06-23T14:14:14.7808081Z ##[group]Run git clone [email protected]:tpilio/tocca-chat.git
2020-06-23T14:14:14.7808727Z �[36;1mgit clone [email protected]:tpilio/tocca-chat.git�[0m
2020-06-23T14:14:14.7846203Z shell: /bin/bash -e {0}
2020-06-23T14:14:14.7846650Z ##[endgroup]
2020-06-23T14:14:14.7930570Z Cloning into 'tocca-chat'...
2020-06-23T14:14:14.8871407Z Host key verification failed.
2020-06-23T14:14:14.8878007Z fatal: Could not read from remote repository.

[spaquet]

@retrorocket could you try with an access key (https://support.atlassian.com/bitbucket-cloud/docs/add-access-keys/) and I will try removing node js as it's the main difference between our workflows.

[spaquet]

Same error after removing node.js from the test.

[shimataro]

@retrorocket 報告ありがとうございます！マジで謎ですね。。。

---

@spaquet Thank you for the details.
It seems your environment-specific problem, because:

• SSH works successfully
• @retrorocket tried git clone from Bitbucket but no errors occurred

Is there some other causes? 🤔

[spaquet]

@shimataro agree. I tried @retrorocket code, and it fails the same way.

git clone is the issue. It's like this command is not using the .known_host file. I will look at parameters for this command. There might be a way to force know_host.

[shimataro]

@spaquet
I've created test workflow and test bitbucket repository, and it works fine.

Could you test it in the following steps:

1. fork this repo
2. add your private key to secrets in forked repo, and name SSH_KEY
3. commit something and push
4. check "Actions" tab

If it works, the cause may be in your project (workflow file) or bitbucket repo. Check the difference between your project/repo and mine carefully.

If fails, please share the forked repo with me.

[spaquet]

Thanks @shimataro I will review it tomorrow.

[jacktuck]

I've had to echo "" >> ~/.ssh/known_hosts after shimataro/ssh-key-action to ~/.ssh/known_hosts, otherwise when the next entry to ~/.ssh/known_hosts is added (automatically) it is clobbered onto the same line.

     - name: install bitbucket ssh key
        uses: shimataro/ssh-key-action@v2
        with:
          key: ${{ secrets.BITBUCKET_SSH }}
          name: bitbucket-key
          known_hosts: ${{ secrets.BITBUCKET_HOST }}
          config: |
            Host bitbucket.org
              IdentityFile ~/.ssh/bitbucket-key
      - run: echo "" >> ~/.ssh/known_hosts

[jacktuck]

Some further detail..

Branch - https://github.com/jacktuck/test-clone-bitbucket-in-actions/tree/test
Action - https://github.com/jacktuck/test-clone-bitbucket-in-actions/runs/981813541?check_suite_focus=true

Notice known_hosts has 2 hosts on a single line:

bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==

|1|2FtTJRZ200SPXLQCxNP2/9V1HWs=|fsCeDD6DQl+/GmGaaIEXPjAm0oA= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==$

The latter is hashed because ~/.ssh/config has HashKnownHosts set totrue

[shimataro]

Hi, @jacktuck
Thank you for your detailed expression!

It seems to be better to append LF to known_hosts.
I will address it immediately!

[jacktuck]

Thanks @shimataro. Just had a look at the merged PR - I don't think it's necessary to prepend a newline. Did you have a chance to see #150 ?

[shimataro]

@jacktuck
If not prepend, I think it will cause same error when known_hosts already exists(created by previous step) and does not end with LF.

[Bradshaw]

I have come across a very similar issue, and was confused because I was using the same configuration in another repo with no issues.
After reading your LF comments I realised the only difference between the two repos: I set the secrets for the working repo under macOS, and the secrets of the broken repo under Windows. When I tried pasting the known_hosts from the macOS computer, it started working again.

Maybe it working for other people, but in my case, it's impossible for me to set known_hosts from a Windows computer...