Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Calling SSH command from Jenkins

Tags:

ssh

jenkins

rtc

rational-team-concert

Jenkins keeps using the default "jenkins" user when executing builds. My build requires a number of SSH calls. However these SSH calls fails with Host verification exceptions because i haven't been able connect place the public key for this user on the target server.

I don't know where the default "jenkins" user is configured and therefore cant generate the required public key to place on the target server.

Any suggestions for either;

  1. A way to force Jenkins to use a user i define
  2. A way to enable SSH for the default Jenkins user
  3. Fetch the password for the default 'jenkins' user

Ideally I would like to be able do both both any help greatly appreciated.

Solution: I was able access the default Jenkins user with an SSH request from the target server. Once i was logged in as the jenkins user i was able generate the public/private RSA keys which then allowed for password free access between servers

like image 860
cdugga Avatar asked Aug 13 '13 15:08

cdugga

2 Answers

Because when having numerous slave machine it could be hard to anticipate on which of them build will be executed, rather then explicitly calling ssh I highly suggest using existing Jenkins plug-ins for SSH executing a remote commands:

  • Publish Over SSH - execute SSH commands or transfer files over SCP/SFTP.
  • SSH - execute SSH commands.
like image 82
luka5z Avatar answered Sep 30 '22 02:09

luka5z

The default 'jenkins' user is the system user running your jenkins instance (master or slave). Depending on your installation this user can have been generated either by the install scripts (deb/rpm/pkg etc), or manually by your administrator. It may or may not be called 'jenkins'.

To find out under what user your jenkins instance is running, open the http://$JENKINS_SERVER/systemInfo, available from your Manage Jenkins menu.

There you will find your user.home and user.name. E.g. in my case on a Mac OS X master:

user.home   /Users/Shared/Jenkins/Home/
user.name   jenkins

Once you have that information you will need to log onto that jenkins server as the user running jenkins and ssh into those remote servers to accept the ssh fingerprints.

An alternative (that I've never tried) would be to use a custom jenkins job to accept those fingerprints by for example running the following command in a SSH build task:

ssh -o "StrictHostKeyChecking no" your_remote_server

This last tip is of course completely unacceptable from a pure security point of view :)

like image 36
coffeebreaks Avatar answered Sep 30 '22 02:09

coffeebreaks
Sign in to Comment

Related questions

scp to Amazon EC2 fails but ssh works
Ansible: to how make Paramiko use ~/.ssh/config?
How to clone github private repository in cpanel (shared host without terminal or ssh)?
How to resolve a timeout exception when TeamCity fetches changes from a SSH Git repository
AttributeError: 'NoneType' object has no attribute 'open_session'"
subversion client encrypted password via gnome-keyring for ssh (only) client
Public key authentication issues on cygwin
How do I authenticate programmatically using jsch?
how to connect from one ec2 instance to another ec2 instance through ssh
SSH, Connection established, but stuck
SSH connection not persistent
Ansible: Install package with pip from a private git repo
Using Emacs TRAMP with an ssh server that doesn't provide /bin/sh?
Mercurial hg no suitable response from remote hg error
In Sublime 3, can I use project settings to disable packages?
"I have no name!" as user logging into Jenkins in a docker container that uses Tini
Visual Studio 2013 devenv fails to build project when not signed in on Windows 10
SSH Bitbucket Clone in Visual Studio 2019 not working
Where to place node.js files on server?
Git, SSH and ProxyCommand

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!