Where does CircleCI-2.0 store the ssh private keys?

Question

Aim

To deploy docker container using ansible using CircleCI-2.0.

Method

A private key has been created and added using the CircleCI-2.0 UI.

.circle/config.yml

version: 2
jobs:
  build:
    docker:
      - image: ubuntu:xenial
    working_directory: ~/project

Results

Running ansible results in:

Failed to connect to the host via ssh: Warning: Permanently added
Permission denied (publickey,password)

Discussion

The assumption was made that the keys would have been stored in ~/.ssh, but this seems to be empty.

Is your target host accepting this key (when tried manually)?

Yes. Log in using ssh root@host -i key succeeds.

Are you using the same user in the container?

Yes. The root user is used both manually as from the CircleCI-2.0.

Conclusion

In summary, the question is where does CircleCI-2.0 store the private keys that have been submitted using the UI? The ~/.ssh directory is empty.

score 5 · Accepted Answer · answered Apr 11 '17 at 08:26

I still don't get how your config.yml could launch ansible without a step part. Here is my findings, but I'm unsure it is what you're after, but that was too long for a comment.

According to the documentation here you have to add a add_ssh_keys with the fingerprint of your key as seen in the UI.

- add_ssh_keys:
    fingerprints:
      - "48:a0:87:54:ca:75:32:12:c6:9e:a2:77:a4:7a:08:a4"

Where does CircleCI-2.0 store the ssh private keys?

1 Answers1