Jenkins Host key verification failed

Question

Change to the jenkins user and run the command manually:

git ls-remote -h [email protected]:person/projectmarket.git HEAD

You will get the standard SSH warning when first connecting to a new host via SSH:

The authenticity of host 'bitbucket.org (207.223.240.181)' can't be established.
RSA key fingerprint is 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40.
Are you sure you want to continue connecting (yes/no)?

Type yes and press Enter. The host key for bitbucket.org will now be added to the ~/.ssh/known_hosts file and you won't get this error in Jenkins anymore.

Jenkins is a service account, it doesn't have a shell by design. It is generally accepted that service accounts. shouldn't be able to log in interactively.

To resolve "Jenkins Host key verification failed", do the following steps. I have used mercurial with jenkins.

1)Execute following commands on terminal

             $ sudo su -s /bin/bash jenkins

provide password

2)Generate public private key using the following command:

              ssh-keygen

you can see output as ::

Generating public/private rsa key pair. 
Enter file in which to save the key (/var/lib/jenkins/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 

3)Press Enter --> Do not give any passphrase--> press enter

             Key has been generated

4) go to --> cat /var/lib/jenkins/.ssh/id_rsa.pub

5) Copy key from id_rsa.pub

6)Exit from bash

7) ssh@yourrepository

8) vi .ssh/authorized_keys

9) Paste the key

10) exit

11)Manually login to mercurial server

Note: Pls do manually login otherwise jenkins will again give error "host verification failed"

12)once manually done, Now go to Jenkins and give build

Enjoy!!!

Good Luck

Or you can use:

ssh -oStrictHostKeyChecking=no host

This will be insecure (man in the middle attacks) but easiest solution.

The better way to do that is to generate correct mappings between host and ip address, so ssh will not complain:

#!/bin/bash

for domain in "github.com" "bitbucket.org"; do
    sed -i "/$domain/d" ~/.ssh/known_hosts
    line=$(ssh-keyscan $domain,`nslookup $domain | awk '/^Address: / { print $2 ; exit }'`)
    echo $line >> ~/.ssh/known_hosts
done

Excerpt from gist.

Had same problem, i fix it like that :

reset permission on id_rsa* only for current user no group no other

chmod o-rwx ~/.ssh/id*
chmod G-rwx ~/.ssh/id*

ls -lart ~/.ssh/


-rw-------  1 jenkins nogroup  398 avril  3 09:34 id_rsa.pub
-rw-------  1 jenkins nogroup 1675 avril  3 09:34 id_rsa

And clear ~/.ssh/know_hosts

Now Connect as jenkins

sudo su jenkins

Try the jenkins commands

git ls-remote -h [email protected]:user/project.git HEAD

If no problem appears, now jenkins will be able to connect the repo (for me ^^ at least)