Re: Fetch private gitlab repo using ssh with Yocto recipe #bitbake

Nicolas Jeker

On Mon, 2022-01-31 at 02:54 -0800, Sourabh Hegde wrote:
Hello @Nicolas @Erik @Khem,

Update from my side:

After following some discussion from other posts, I added "config"
I think you're starting to mix various things together, you should
maybe try to not do everything at the same time. I added comments about
what is wrong with your config, but depending on your build
environment, the ssh config is maybe not the best choice.


User git
PreferredAuthentications publickey
IdentityFile ~/.ssh/
# LogLevel DEBUG3
You need to specify the private key with IdentityFile, not the public

Then I did "eval `ssh-agent -s`"

Then doing "ssh-add ~/.ssh/" results in:
Same here, you should be doing "ssh-add ~/.ssh/id_ed25519" (without the

Permissions 0644 for '/root/.ssh/' are too open.
It is required that your private key files are NOT accessible by
This private key will be ignored.

Whereas the permissions are set as:

ls -l -a ~/.ssh

-rw-r--r-- 1 root root  157 Jan 31 10:48 config
-rw------- 1 root root  464 Jan 20 15:26 id_ed25519
-rw-r--r-- 1 root root  109 Jan 20 15:26
-rw-r--r-- 1 root root  888 Jan 26 08:43 known_hosts
Well, the permissions on id_ed25519 are correct, but you added the
public key as private key in your config / in your ssh-add command,
which doesn't have the required permissions for private keys (because
it's not).

"ssh-agent" is running

SSH_AUTH_SOCK=/tmp/ssh-lcft54A4nriC/agent.2833; export SSH_AUTH_SOCK;
echo Agent pid 2834;

After doing these changes, when I try to "ssh -v" to
test the connection before running bitbake, I get

OpenSSH_8.2p1 Ubuntu-4ubuntu0.4, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /root/.ssh/config
debug1: /root/.ssh/config line 1: Applying options for
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include
/etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to [] port 22.
debug1: connect to address port 22: Connection
ssh: connect to host port 22: Connection refused

I don't understand what is the issue here.

@Nicolas Can you please let me know where and how to run below
commands? Do I need to run them every time before fetching from
  -v $SSH_AUTH_SOCK:/ssh.socket \
  -e SSH_AUTH_SOCK=/ssh.socket \
I think you should explain your build environment a bit better, as I
can just guess what you're doing. You should add these parameters when
starting your docker container. For example I use something along these

docker run -ti --rm -v ~/development/oe-build:/workdir -v
crops/poky --workdir=/workdir

If you're forwarding the ssh agent like this, you don't need a key or
config file at all, only known_hosts.

On the other hand, if you're using e.g. GitLab pipelines with docker,
you should not do it like mentioned above, but follow their guide [1].


And also I already have "known_hosts" file with matching entries for
key/agent pair.

Can you please let me know how to make this working?

Your help will be much appreciated.

Thanks in advance.

Join to automatically receive all group messages.