GitLab CI — SSH with Passphrase deploy example

Hi, everyone!

Today we have needed make a deploy via GitLab CI to a shared web hosting. Until here all was normal, however, the hosting doesn’t allow add owned ssh keys or create its own ssh keys without password.

By the way, the important thing here is in the GitLab documentation, they say us that the ssh key file mustn’t to have a passphrase. Please read it, there are the all guide for ssh-keygen, ssh-agent and knownhosts. Actually is a good a summary.

Now our example

• Generate a ssh key pair public and private with ssh-keygen. (In our case we have to generate it with passphrase) So… YES! you can use a passphrase if follow this guide.
• Copy the public key to the folder~/.ssh/authorized_keys in the serve with ssh-copy-id -i ~/.ssh/mykey/ user@host.net (In our case it not was necessary because it was generated for the user in the shared host).
• Generate the known hosts info from the server with ssh-keyscan host.net >> SSH_KNOWN_HOSTS .
• Set all variables by environment in GitLab.

gitlab environment variables