NixOS
Digital Ocean: Host key verification failed.
I'm having ssh-related issues with a nixops deployment to digital ocean. I'm on macOS, and I have linuxkit-nix configured successfully for local builds that require linux.
When deploying to DO, the initial ssh into the machine goes fine:
machine> waiting for SSH........................
machine> running nixos-infectWarning: Permanently added '165.22.236.211' (ECDSA) to the list of known hosts.
The installer seems to be running ok until we get to the reboot:
machine> waiting for the machine to finish rebooting....[down]..................................................................................................
[up]
Then, the address is added to known_hosts again?
Warning: Permanently added '165.22.236.211' (ED25519) to the list of known hosts.
Build info is output:
these derivations will be built:
/nix/store/018fxn4x26vgq2iy56nvdbdg0pk7zik2-vconsole.conf.drv
....
And our third? ssh connection fails.
cannot build on 'ssh://[email protected]': cannot connect to '[email protected]': Host key verification failed.
(Nixops then errors with error: a 'x86_64-linux' with features {} is required to build '/nix/store/9j73g9irkbd904xs6m1kjhzjkcinziz6-append-initrd-secrets.drv', but I am a 'x86_64-darwin' with features {benchmark, big-parallel, nixos-test}).
I posted on linuxkit-nix https://github.com/nix-community/linuxkit-nix/issues/31: the advice I received was that nixops uses the target host as a remote builder when the system is not the same as the client, so the issue isn't with linuxkit, but rather with nixops, the DO provider and why it's changing ssh keys on the host.
Any idea what could be causing this issue with the ssh connections?
Host key verification failed
I had the same issue when running a nixops deploy on github actions. In my case I fixed it by doing:
ssh-keyscan <host_ip> >> ~/.ssh/known_hosts
## from https://askubuntu.com/questions/123072/ssh-automatically-accept-keys
