I am attempting to find the public key for git.balena-cloud.com, however, the ssh-keyscan command is continually timing out.
ssh-keyscan git.balena-cloud.com
Has anyone else experienced this issue?
Hi there, what is your use case, why do you need the key? This will help us sort the issue, thanks.
Hello,
We still use the outdated git push to deploy code to Balena from our CI/CD. In order for this to work we need to whitelist the public key. At the moment we store the Balena public key in the environment variables. We use the above command to find the public key for the environment variable.
I hope this helps,
Thanks
Hi there – thanks for the explanation; this definitely makes sense.
At the moment, I’m not experiencing any problems with the command you gave us. I’ll check with our engineers to see if we experienced any problems this morning, but can you run this command again and report how it goes?
All the best,
Hugh
Hi there – a coule other questions I meant to ask: can you let me know if this command has worked for you in the past, or if this is the first time you have tried it? And can you try running ssh -vvv git.balena-cloud.com and sending back the output?
All the best,
Hugh
Hello,
Running ssh-keyscan git.balena-cloud.com neither fails nor provides any output when I tried this morning. This was the same behaviour as before.
Here is some of the output from ssh -vvv git.balena-cloud.com, if you need the full debug let me know and I will send it over?
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:NfwmqnKId5cx1RWpebbEuuM87bCJbdyhzRnqFES9Nnw
debug1: Host 'git.balena-cloud.com' is known and matches the ECDSA host key.
Warning: Permanently added the ECDSA host key for IP address '3.224.47.37' to the list of known hosts.
Thanks,
Henry
Hi Henry,
We could not guarantee that the public keys will not change in the future. In order to avoid the need to whitelist keys, you may want to use balena push instead of git push to deploy your code. You’ll just need to set your API key using balena login --token <API token>. You’ll need to use balena cli in your CI/CD if you’d like to try this.
Regards,
Carlo
Please get back to us if the balena push approach will work for you. If this is not possible for your CI/CD setup, we will find another solution.
Cheers,
Carlo
We also started experiencing this issue on our CI/CD yesterday (May 11th).
Can confirm that the ssh-keyscan method used to work and now seems to return no output
Hi @elemenix. Could you please confirm that you are using balena push instead of git push? Then you can use the method mentioned above and set your API key using balena login --token . with balena cli in your CI/CD.
We were experiencing the issue with git push, but it was easy enough to move over to using balena push instead
Hi @cmfcruz,
Sorry I never responded previously, we ended up adding an environmental variable for the Balena Cloud fingerprint in order to avoid changing from git push to balena push.
Thanks