SSH Host Key Verification Failed inside GitLab CI

A server can have multiple signatures in case of load balanced server. Ideal way is to change

- echo "$SSH_KNOWN_HOSTS" >> /.ssh/known_hosts

to

- ssh-keyscan www.gitlab.com >> /.ssh/known_hosts

You may need to try setting the mode to 644 rather than 700. 644 is what is suggested in the Verifying the SSH host keys documentation, and is also what SSH uses for this file by default. Some parts of SSH are very particular about this - I'm not sure if known_hosts is particular.

The docs also mention you should set the value of SSH_KNOWN_HOSTS variable to the entire output of ssh-keyscan since there are multiple keys.

EDIT:

The following .gitlab-ci.yml worked for me on GitLab.com. Note the use of ~/.ssh/ rather than /.ssh/.

image: ubuntu:latest

test_job:
  script:
  - apt-get update
  - apt-get install openssh-client git-core -y
  - eval $(ssh-agent -s)
  - echo "$SSH_DEPLOY_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
  - mkdir -p ~/.ssh && touch ~/.ssh/known_hosts
  - echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
  - git clone [email protected]:gitlab-org/gitlab-ce.git