While trying to execute some shell command to a remote server from Jenkins, I am getting "Host key verification failed." error.
I have installed Jenkins in a docker on my MAC. Now from the Jenkins browser, I want to run some shell command to a remote server (which is accessible).
To do that I already added the server (10.206.y.z) in the configure page of jenkins (by providing hostname i.e. 10.206.y.z, username & the key generated in 10.206.y.z server in the SSH Servers section) & tested the connection. The connection test passed & then I saved the configuration.
For executing shell command on 10.206.y.z, I created a FreeStyle project & in the Execute Shell section I am passing ssh root1#10.206.y.z 'hostname'.
If I run the project by clicking 'Build Now', I am getting the below error & the build fails.
Running as SYSTEM
Building in workspace /var/jenkins_home/workspace/TestProject
[TestProject] $ /bin/sh -xe /tmp/jenkins4234161871485451783.sh
+ ssh root1#10.206.y.z hostname
Host key verification failed.
Build step 'Execute shell' marked build as failure
Finished: FAILURE
Any help please?
I think that the problem is the key. You are using the key generated in the destination machine (10.206.y.z)
You should use the key generated on the jenkins server and pass it to the destination server. For that you could use ssh-copy-id
Related
I'm a little bit of a newb, with this CI/CD container stuff so please correct me anywhere I'm wrong.
I can't seem to find out how to send by npm build files created on my jenkins instance (workspace) to a remote server. I have a pipeline that successfully pulls in my github repo, does all my fun npm stuff (npm install, test, build). I see my build dir in my jenkins instance /workspace.
My environment is as follows. We have a server where docker (with Portainer) is installed. Jenkins is running in a container with a volume mounted (my react build dir goes here). No issues with the pipeline or building etc. I just can't figure out how to push my artifacts from my jenkins workspace directory to my 'remote' dev server.
I can successfully open a console in my jenkins container (portainer as the jenkins user) and scp files from the workspace directory using my remote server creds(but password is necessary).
I installed and used "Publish Over SSH" Jenkins plugin and get a successful "Test Configuration" from my setup.
I created my RSA keys on the REMOTE machine (that I'm trying to push my build files to).
I then pasted the private key (created without a password) into the plugin at the 'Use password authentication, or use a different key' section. Again, I get a successful test connection.
In my pipeline the last step is deploying and I use this command
sh 'scp -r build myusername#xx.xx.xx.xx:/var/files/react-tester'
I get a 'Permission denied (publickey,password).' error. I have no password associated with the rsa key. I tried both ways, creating the rsa key on the remote machine as my remote user, and the jenkins machine as the jenkins user. I've read examples of people creating the keys both ways, but not sure which user/machine combo to create the keys and paste to which section of the 'Publish Over SSH' plugin.
I'm out of ideas.
First, go to "Manage Jenkins" > "Credentials", add a new SSH credential of type "SSH Username with private key" and fill the "Username" and your private key (generate one if you haven't done it yet) fields (you can also upload one). Don't forget that you have to copy the generated public key to the ${SSH_USERNAME}/.ssh/authorized_keys file on the remote server.
I'm assuming you're using a scripted or DSL pipeline here. In your code, after you've builded your application, you can push it to your server adding this step to your pipeline:
pipeline {
stages {
stage("Pushing changes to remote server") {
steps {
script {
def remote_server = "1.2.3.4"
withCredentials([sshUserPrivateKey(credentialsId: 'my-key', keyFileVariable: 'SSH_KEY', passphraseVariable: '', usernameVariable: 'SSH_USERNAME')]) {
sh "scp -i \${SSH_KEY} build/ ${SSH_USERNAME}#${remote_server}:/var/files/react-tester/"
}
}
}
}
}
}
Best regards.
Jenkins Pipeline job doesn't trigger pipeline job using jenkins cli. When i run jenkins as anaonymous this works, but when i create a user/admin it fails.
I have a job A which has parameters and passes the same to Pipeline Job. This is a Master-slave setup. This is how i run:
sudo java -jar /home/user/jenkins-cli.jar -s $JENKINS_URL build pipeline_job -p parameter_Name="$parameter_Name" -p parameter_Name2="$parameter2_Name"
1.) I tried using options, "-auth" , "-username -password" but doesn't work.
errors:
No such command: -auth
No such command: -ssh
2.) Another option is paste the public key in SSH section http://jenkin_url/me/configure , but still it fails
error:
java.io.IOException: Invalid PEM structure, '-----BEGIN...' missing
Is there i am missing anything ?
I Found the solution,
1.) used SSH CLI.
In my case i was using master-slave environment, connection was made using SSH keys vice-versa. In order to trigger the build using Jenkins CLI, place the SSH keys both public & private and place them in http://jenkinsURL/user/username/configure
Here username= the one used to connect the nodes.
Trigger the job as below:
java -jar /home/username/jenkins-cli.jar -s $JENKINS_URL -i /home/username/.ssh/id_rsa build JOBNAME
Note: This is one way but cloudbees doesn't encourage this approach.
2.) There is new approach i.e., using API token authentication.
Go to http://jenkinsURL/user/username/configure
Copy the API token
trigger the build as below:
java -jar /home/username/jenkins-cli.jar -s $JENKINS_URL -auth username:apitoken /home/username/.ssh/id_rsa build JOBNAME
Note: For using API token option, download the latest jar file
I am trying Jenkins to execute an ansible playbook.
But I am getting the unreachable host error which I don't get otherwise.
fatal: [vogo-alpha.cloudapp.net]: UNREACHABLE! => {"changed": false, "msg": "Authentication failure.", "unreachable": true}
I have given this variable in ansible hosts file,
ansible_ssh_private_key_file=/home/luvpreet/.ssh/id_rsa
I think it is because the user jenkins is playing those playbooks and it cannot read this private key file. I tried to make jenkins' user home folder but it was not successful.
It can be done if I switch to the user luvpreet and then run these playbooks.
How do I switch to another user via jenkins shell ?
OR
Is there any other way this problem can be solved ?
There are a couple of possibilities why your solution is working. Most likely because Ansible is trying to ssh to your target machine as the jenkins user which isn't on said machine. I'd approach the problem from a different angle.
First, I'd install the Ansible plugin for Jenkins. This allows you to use the built in credentials located at "Manage Jenkins > Manage Credentials". There you can copy and paste your key in (or point to a key file located on the jenkins server) and set the username that will ssh to the target machine. In your job configuration choose "Invoke Ansible Playbook" for your build step rather than shell. There will be a "Credentials" parameter where you can specify the ssh key you added earlier. The rest should be pretty self explanatory.
I am trying to pass a parameter to remote machine with ssh. I have used ssh plugin to add remote host.
# works for local shell
+ echo sdk
sdk
executing script:
BUILD="sdk"
# doesn't work for remote shell
export BUILD
echo "$BUILD"
BUILD=sdk: Command not found.
export: Command not found.
BUILD: Undefined variable.
[SSH] exit-status: 1
Build step 'Execute shell script on remote host using ssh' marked build as failure
Finished: FAILURE
I tried with double quotes, curly braces, export, but with nothing I am able to get the value of the parameter on remote shell. Can someone let me know if I am missing any configuration on jenkins?
The issue was with remote machine's default shell. It was tcsh, changed default shell to bash and it resolved the issue.
I have a compressed file in my jenkins workspace folder, I am trying to transfer that compressed file over ssh, but I got SSH: Transferred 0 file(s)
My Configurations are below-
Transfer set source file: my-files.zip
Remove Prefix:
Remote directory: /home/my-files
My Console Output:
Started by user Mizanur Rahman
SSH: Transferred 0 file(s)
Build step 'Send files or execute commands over SSH' changed build result to SUCCESS
Finished: SUCCESS
The first test would be to try and replicate that tranfer manually, from the server executing the job, with the user running the job.
On that server, try at least a:
ssh -Tv xxx#remote.com
That will confirm if you (as the user running the Jenkins job) actually establish an secure shell session. Replace xxx and remote.com by the remote user and remote server target for that session.