Ambiguous key verification error

[tomjn]

With the recent change to githubs RSA fingerprints we had to update the SSH known hosts secret, but unfortunately github was not the only thing in there ( is there ever a situation were this deployer would run and not need to know the github SSH? ).

However github was not the only host listed, and now deployment fails with host key verification failed, but which key? Who is the host? My key? The private key in secrets? The server we're deploying to? How do I find out?

Here's the output, I've swapped out the IP for 1.2.3.4:

$ php vendor/bin/dep deploy test -v --no-interaction --ansi -vvv 
✈︎ Deploying deploy-test on 1.2.3.4
• done on [1.2.3.4]
➤ Executing task deploy:prepare
[23.94.156.6] > echo $0
[23.94.156.6] < ssh multiplexing initialization
[23.94.156.6] < Host key verification failed.
➤ Executing task deploy:failed
• done on [1.2.3.4]
✔ Ok [0ms]
➤ Executing task deploy:unlock
[23.94.156.6] > rm -f ~/deploy/.dep/deploy.lock
[23.94.156.6] < ssh multiplexing initialization
[23.94.156.6] < Host key verification failed.

Also noting that this is an inherited setup, the person who originally set this up is long gone and unavailable

Upvote & Fund

• We're using Polar.sh so you can upvote and help fund this issue.
• We receive the funding once the issue is completed & confirmed by you.
• Thank you in advance for helping prioritize & fund our backlog.

[peterjaap]

See https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/

[tomjn]

we did, please re-read the issue! Thats what triggered the problem, we grabbed the new known hosts entries for github and put them in the secret referenced from the action.

Since I raised the issue I figured out that the host key verification it was complaining about referred to the server we are deploying to, and that was not clear from the output, hence the issue. I figured this out by using ssh-keyscan until I discovered which one it was. This would have been much easier and quicker if the deployer action had named the host.