Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Jenkins pipeline - ssh to different machine and where to store credentials (using ssh/SSHAgent plugin/etc...)

TLDR: how to ssh a different machine and where to store ssh credentials on Jenkins pipeline (using ssh / SSHAgent plugin /etc...) ?

The Problem: In Jenkins pipeline I need a remote ssh to target machine. My old approach was to use "Execute shell scripts on remote host using ssh". I would like to specify both username and password.

I've read that the groovy approach shoud be something like

sshagent(['RemoteCredentials']) {
    sh 'ssh -o StrictHostKeyChecking=no -l remoteusername remotetarget uname -a'
  }

RemoteCredentials: it is the private key with passphrase

Is there a way to make ssh with username/password remote credentials? The sshagent does not support username/password auth

Riccardo

like image 364
Riccardo79 Avatar asked Jun 14 '16 07:06

Riccardo79


1 Answers

So unfortunately, you're right.

It looks like the ssh-agent-plugin only supports stored user,passphrase,public key credentials added through the Credentials Management area in Jenkins. See this unit test that verifies that ssh-agent is working correctly based around a public key. It's unlikely that there is untested functionality in the plugin to support user+password auth.

If you can, make the switch to Public Key based authentication. If for some reason you can't switch ... you COULD install sshpass on your Jenkins box, but this is generally considered bad practice.

node {
    stage 'Does sshpass work?'
    sh 'sshpass -p \'password\' ssh user@host "ls; hostname; whois google.com;"'
}
like image 133
Stefan Crain Avatar answered Sep 17 '22 10:09

Stefan Crain