failed to start SSH session: Unable to exchange encryption keys; class=Ssh (23)

[numiralofe]

Hi All,

Any pointers would be highly appreciated, i can't understand what i am failing on 😞

when i run cargo build

Caused by:
  failed to fetch `ssh://[email protected]/<gitlab_project_path>`

Caused by:
  network failure seems to have happened
  if a proxy or similar is necessary `net.git-fetch-with-cli` may help here
  https://doc.rust-lang.org/cargo/reference/config.html#netgit-fetch-with-cli

Caused by:
  failed to start SSH session: Unable to exchange encryption keys; class=Ssh (23)

Info:

• That user has a valid ssh key that its used with gitlab
• I am running gitlab-cargo-shim on 192.168.128.35 with the following config:

listen-address = "[::]:22"
state-directory = "/var/lib/gitlab-cargo-shim"

[gitlab]
uri = "https://my_gitlab_url"
admin-token = "<gitlab token>"

I have the following on ~/.cargo/config.toml:

[registries]
gitlab = { index = "ssh://[email protected]/<path_to_gitlabproject>" }

Added the following env var to the container, but not getting any extra log information 🤔

 RUST_LOG="debug"

[w4]

Hey @numiralofe

The error message is indeed correct here, the net.git-fetch-with-cli config value or CARGO_NET_GIT_FETCH_WITH_CLI environment variable is required to run gitlab-cargo-shim unfortunately.

Let me know how you get on.

Thanks

[numiralofe]

hey @w4

much appreciated 😃 just so that any future "like me" comes along this, adding the following block to my ~/.cargo/config.toml fixed the previous issue.

[net]
git-fetch-with-cli = true   # use the `git` executable for git operations

got stucked now on the next one 😞

cargo build -v
    Updating `gitlab` index
     Running `git fetch --force --update-head-ok 'ssh://[email protected]/cbrain/platform/types' '+HEAD:refs/remotes/origin/HEAD'`
error: failed to get `types` as a dependency of package `my_project v0.1.0 (/home/nuno/rust/my_project)`

Caused by:
  failed to load source for dependency `types`

Caused by:
  Unable to update registry `gitlab`

Caused by:
  failed to fetch `ssh://[email protected]/cbrain/platform/types`

Caused by:
  process didn't exit successfully: `git fetch --force --update-head-ok 'ssh://[email protected]/cbrain/platform/types' '+HEAD:refs/remotes/origin/HEAD'` (exit status: 128)
  --- stderr
  [email protected]: Permission denied (publickey).
  fatal: Could not read from remote repository.

  Please make sure you have the correct access rights
  and the repository exists.

i can run the above git fetch command without any problems if i point directly to my gitlab instance instead of the cargo-shim container.

$ cargo build -v
    Updating `gitlab` index
     Running `git fetch --force --update-head-ok 'ssh://git@gitlab/cbrain/platform/types' '+HEAD:refs/remotes/origin/HEAD'`
error: no matching package named `types` found
location searched: registry `gitlab`
required by package `my_project v0.1.0 (/home/nuno/rust/my_project)`

my doubt is:

as i understand, on the ~/.cargo/config.toml , registries block should point into the cargo-shim container url / port (like the snip bellow) ?

[registries]
gitlab = { index = "ssh://[email protected]/cbrain/platform/types" }

if correct ( that it should point to the cargo-shim container ) , why the auth error 🤔 cause with my current credentials i can authenticate fine if point at the gitlab instance it just fails if pointing at the cargo-shim container...

On the other hand, if registries should point directly to gitlab then i am not understanding how cargo-shim will be used as the interface between cargo build and gitlab 🤔

I will be again super appreciated with any pointer.
Thanks

[w4]

Hey @numiralofe

There's some discussion about this in #28, the steps in the README to use this in CI are currently incorrect

Thanks

[numiralofe]

Hey @w4

Thanks again 😃

After reading #28 tried both options on my ~/.ssh/config

Host cargo-shim
    Hostname cargo-shim
    User gitlab-ci-token:$GITLAB_TOKEN

and

Host cargo-shim
    Hostname cargo-shim
    User git
    IdentityFile ~/.ssh/id_rsa

my ~/.cargo/config.toml doesn't refer any username:

[registries]
gitlab = { index = "ssh://cargo-shim/cbrain/platform/types" }

but still no joy 😞

$ cargo -v build 
    Updating `gitlab` index
     Running `git fetch --force --update-head-ok 'ssh://cargo-shim/cbrain/platform/types' '+HEAD:refs/remotes/origin/HEAD'`
error: failed to get `types` as a dependency of package `my_project v0.1.0 (/home/nuno/rust/my_project)`

Caused by:
  failed to load source for dependency `types`

Caused by:
  Unable to update registry `gitlab`

Caused by:
  failed to fetch `ssh://cargo-shim/cbrain/platform/types`

Caused by:
  process didn't exit successfully: `git fetch --force --update-head-ok 'ssh://cargo-shim/cbrain/platform/types' '+HEAD:refs/remotes/origin/HEAD'` (exit status: 128)
  --- stderr
  git@cargo-shim: Permission denied (publickey).
  fatal: Could not read from remote repository.

  Please make sure you have the correct access rights
  and the repository exists.

[w4]

I believe the first one should work but instead of $GITLAB_TOKEN it should be $CI_JOB_TOKEN