Running git pull from a php script
Could not create directory '/.ssh'. Host key verification failed. fatal: The remote end hung up unexpectedly
Read and consider your error message. Host keys are stored in the ~/.ssh/known_hosts file. Your Apache user has "/" as its home directory, and it definitely doesn't and shouldn't have write access to the root.
I suggest that you create a user account for this... maybe gitpull-user
or something. Make sure it has a usable home directory, even if it's somewhere atypical. Login as that user and create a shell script that accomplishes what you're trying to do as that user. Of course, you'll also have to copy your appropriate id_rsa key to the user's account, etc.
Configure sudo to launch that script by adding this line to /etc/sudoers
apache ALL = (gitpull-user) NOPASSWD: /path/to/script.sh`
and also if you're having "No TTY" issues:
Defaults:apache !requiretty
Change your PHP script to call sudo -u gitpull-user ./script.sh
It would be possible to change Apache's home directory to a "real" location and just drop the key in there, but that would expose a risk where your data would have to be owned by apache and the key could be read if the daemon were compromised. Establishing a second user provides a level of isolation.
Related videos on Youtube
AFRC
Updated on September 18, 2022Comments
-
AFRC over 1 year
I was trying the Perfect Workflow, with Git, GitHub, and SSH, but it seems i can't run
git pull
. I've triedgit status
and it's fine.When i
git pull 2>&1
i get:error: cannot open .git/FETCH_HEAD: Permission denied
I tried to chmod .git dir to 777 with no luck.
When i run
whoami
from the browser it shows me:apache
--- EDIT ---
I just did
chown apache:apache -R .git
and now i get:Could not create directory '/.ssh'. Host key verification failed. fatal: The remote end hung up unexpectedly
-
AFRC about 12 yearsI run sudo -u apache ssh github.com
Could not create directory '/.ssh'. The authenticity of host 'github.com (207.97.227.239)' can't be established. RSA key fingerprint is ##############################. Are you sure you want to continue connecting (yes/no)? yes Failed to add the host to the list of known hosts (/.ssh/known_hosts). Permission denied (publickey).
-
AFRC about 12 yearsThanks for your help Jeff Ferland. Unfortunately i dont have the knowledge to do that. Appreciated the effort.
-
AFRC about 12 yearsThanks again Jeff. I did that. But nothing happened.