I have installed Azure Devops self-hosted agent on Windows Server 2025, and I get an error when checking out repositories in pipelines. I'm using Azure Devops repositories.
I have followed the instructions od the InstallSSHKey@0
task but doesn't work for me.
ssh-keygen -t rsa-sha2-512
and I have private key and .pub
(public key) file. Upload private key to securefiles and copy public key to sshPublicKey
input in ymlssh-keyscan ssh.dev.azure.com
and copy value to yml pipeline in knownHostsEntry
UserSettings > SSH Public Keys
In the log, I can see that "Install SSH Key" is executing correctly and the checkout is going well downloading the main repository, but it fails downloading submodules.
Cloning into 'C:/agent/_work/1/s/submodule'...
Host key verification
failed. fatal: Could not read from remote repository.
Here is my pipeline yml.
# Select self hosted agent
pool:
name: Default
demands:
- Agent.Name -equals Agent2-Windows
# InstallSSH Key and Checkout steps
- task: InstallSSHKey@0
displayName: 'Install an SSH key'
inputs:
knownHostsEntry: |
ssh.dev.azure.com ssh-rsa AAAAB3N.....
sshPublicKey: |
ssh-rsa AAAAB3N.... #Content of .pub file
sshKeySecureFile: #private key uploaded to securefiles
- checkout: self
displayName: Checkout
fetchDepth: 1
submodules: true
clean: true
I have seen that InstallSSHKey@0 task doesn't work correctly when selft-hosted agent is running as NT AUTHORITY\NETWORK SERVICE
user.
So I have created new user and configured self-hosted agent to run as newly created user.
Create User
$pass = Read-Host -AsSecureString "Insert password"
New-LocalUser -Name "devops-agent-user" -Password $pass -FullName "Agente Azure DevOps" -Description "User for devops agent"
Add-LocalGroupMember -Group "Users" -Member "devops-agent-user"
Configure Self-Hosted Agent using unattended mode
.\config.cmd --unattended `
--url https://dev.azure.com/COMPANY `
--auth pat `
--token <TOKEN> `
--pool Default `
--agent <AGENT_NAME> `
--runAsService `
--enableservicesidtypeunrestricted `
--windowsLogonAccount ".\devops-agent-user" `
--windowsLogonPassword "<USER_PASSWORD>"
Followind this steps I have solved the problem and now checkout is working well including git submodules
.