You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/guides/modules/integration/pages/add-ssh-key.adoc
+44-4Lines changed: 44 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,7 +18,7 @@ See the following VCS-specific docs for additional details on creating SSH keys:
18
18
****
19
19
20
20
[#steps-to-add-additional-ssh-keys]
21
-
== 1. Add an additional SSH key to your project
21
+
== Add an additional SSH key to your project
22
22
23
23
CircleCI cannot decrypt SSH keys, therefore every new key must have an empty passphrase. The below examples are for macOS.
24
24
@@ -35,7 +35,7 @@ If you have a GitLab integration, you will find that an additional SSH key alrea
35
35
. Select *Add SSH Key*.
36
36
37
37
[#add-ssh-keys-to-a-job]
38
-
== 2. Add SSH keys to a job
38
+
== Add SSH keys to a job
39
39
40
40
Even though all CircleCI jobs use `ssh-agent` to automatically sign all added SSH keys, you *must* use the `add_ssh_keys` key to actually add keys to a container.
41
41
@@ -63,9 +63,49 @@ All fingerprints in the `fingerprints` list must correspond to keys that have be
63
63
To checkout additional repositories from within your job, ensure that you run the `checkout` command *before*`add_ssh_keys`; otherwise, `CIRCLE_CI_REPOSITORY_URL` will be empty. Also ensure that the private key is added to the CircleCI project and that the public key has been added to the additional repositories that you want to checkout from within your job.
64
64
65
65
[#adding-multiple-keys-with-blank-hostnames]
66
-
== Adding multiple keys with blank hostnames
66
+
=== Adding multiple keys with blank hostnames
67
67
68
-
If you need to add multiple SSH keys with blank hostnames to your project, you will need to make some changes to the default SSH configuration provided by CircleCI. In the scenario where you have multiple SSH keys that have access to the same hosts, but are for different purposes the default `IdentitiesOnly no` is set causing connections to use `ssh-agent`. This will always cause the first key to be used, even if that is the incorrect key. If you have added the SSH key to a container, you will need to either set `IdentitiesOnly no` in the appropriate block, or you can remove all keys from the `ssh-agent` for this job using `ssh-add -D`, and reading the key added with `ssh-add /path/to/key`.
68
+
If you add multiple SSH keys with blank hostnames to your project, you will need to make some changes to the default SSH configuration provided by CircleCI.
69
+
70
+
If you have multiple SSH keys for different purposes that have access to the same hosts, the default `IdentitiesOnly no` is set, which causes connections to use `ssh-agent`.
71
+
72
+
In this scenario the first key is used regardless of whether it is the correct key. If you have added the SSH key to a container, you will need to either set `IdentitiesOnly yes` in the appropriate block, or you can remove all keys from the `ssh-agent` for the job using `ssh-add -D` and read the added key using `ssh-add /path/to/key`.
73
+
74
+
[#using-specific-ssh-keys-for-a-job]
75
+
=== Using specific SSH keys for a job
76
+
77
+
[NOTE]
78
+
====
79
+
SSH keys are named using MD5 fingerprints with colons removed from the hash.
80
+
81
+
To retrieve the MD5 fingerprint of an SSH key, run this command locally:
0 commit comments