How do you get rid of this prompt when using site-deploy? "Are you sure you want to continue connecting?"
I know this question has been asked multiple times (link, link), but the recommended solutions do not work for me and I will explain why.
Oh, and I posted pretty much the exact same question here
where the solution is to:
# Run this manually:
ssh -o UserKnownHostsFile=foo javadoc.foo.com
# Take that file and put it in your private DAV share, and then
ssh -o UserKnownHostsFile=/private/<account>/known_hosts javadoc.foo.com
Which has been working fine 99% of the time, but using this solution, every once in a while we get the following text over and over again in the logs:
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
3d:69:41:8a:ec:d1:4c:d9:75:ef:7d:71:b7:7d:61:d0.
Please contact your system administrator.
Add correct host key in known_hosts to get rid of this message.
Do you want to delete the old key and insert the new key? (yes/no)
So, back to my problem: in a nutshell, the problem is this: When I run mvn site-deploy, it gets stuck in an infinite loop in Jenkins:
The authenticity of host 'javadoc.foo.com' can't be established.
RSA key fingerprint is 3d:69:41:8a:ec:d1:4c:d9:75:ef:7d:71:b7:7d:61:d0.
Are you sure you want to continue connecting? (yes/no)
The authenticity of host 'javadoc.foo.com' can't be established.
RSA key fingerprint is 3d:69:41:8a:ec:d1:4c:d9:75:ef:7d:71:b7:7d:61:d0.
Are you sure you want to continue connecting? (yes/no)
The machine that this occurs on is a CloudBees machine, so it's not a machine that we own. In other words, every time we do a build, a brand new machine is provisioned to us.
Our settings.xml has something like:
<server>
<id>javadoc.foo.com</id>
<username>username</username>
<password>password</password>
</server>
If it was a machine that we owned and controlled, we could manually ssh on there and run the ssh command just once so that this is fixed, but like I said, those machines are dynamically provisioned to us.
Since we are using maven 3 and not maven 2, we cannot add the following to our server section of the settings.xml:
<configuration>
<knownHostsProvider implementation="org.apache.maven.wagon.providers.ssh.knownhost.NullKnownHostProvider">
<hostKeyChecking>no</hostKeyChecking>
</knownHostsProvider>
</configuration>
Is there a way to either:
I would like to avoid any pre-build steps that could tweak ssh settings; I would prefer to either tweak the settings.xml, pom.xml, or maven options.
Nonetheless, I'm open to any suggestions.
add a shell pre-build step to create ~/.ssh/config with content :
StrictHostKeyChecking no