I was migrating a service from one server to another. After testing everything we went ahead and updated CI but it couldn't do the tunneling we required via ssh anymore. We went through all the usual suspect checking syslog and /etc/ssh/sshd_config parameters. Everything appeared okay.
In our case the CI we were using was BitBucket Pipelines but I think this is likely to happen in any continuous integration solution since it's more an ssh thing. This might be happening to you if you're seeing something like this:
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:I1Jbni6WLT89FOUyYALAC+thfmPw4m9XBiXHFnlUaCQ
debug1: read_passphrase: can't open /dev/tty: No such device or address
Host key verification failed.