Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Unable to point to ssh keys in ~/.ssh on Jenkins host

I've installed SSH Agent Plugin to pull Git repository using SSH authentication. I'd like to use SSH keys located in system file (from the Jenkins master ~/.ssh option). It's screenshot taken from official plugin's page:

Screen from official plugin's page

Unfortunately I don't see this option. I can select only "Enter directly". Please check out my screenshot.

my screenshot

Did I configure something wrong?

like image 590
pmajcher Avatar asked Jun 30 '18 23:06

pmajcher


People also ask

Where do I put ssh keys in Jenkins?

Add SSH Key inside Jenkins Now go to Credentials from left pane inside Jenkins console and then click global: Then Go to add new credentials. Kind dropdown, select 'SSH username with private key'.

How do I access Jenkins ssh?

Global Configuration. From the Jenkins home page, click "Manage Jenkins" and then click on "Configure System" and find the SSH section. It allows you to configure hosts that are later available in your builds.

How does Jenkins store ssh keys?

Add SSH Key inside JenkinsIn the dropdown, select 'SSH username with private key' and then give a name for it. Copy the private key from the Jenkins server. Now you can clone any git repo in this Jenkins instance. You do not need to provide the credentials while configuring the job in Jenkins.


1 Answers

This is a reletively recent change, explained in security advisory 440 : https://jenkins.io/security/advisory/2018-06-25/

SECURITY-440 / CVE-2018-1000601 SSH Credentials Plugin allowed the creation of SSH credentials with keys "From a file on Jenkins master". Credentials Binding Plugin 1.13 and newer allows binding SSH credentials to environment variables. In combination, these two features allow users with the permission to configure a job to read arbitrary files on the Jenkins master by creating an SSH credential referencing an arbitrary file on the Jenkins master, and binding it to an environment variable in a job.

SSH Credentials Plugin no longer supports SSH credentials from files on the Jenkins master file system, neither user-specified file paths nor ~/.ssh. Existing SSH credentials of these kinds are migrated to "directly entered" SSH credentials.

like image 77
Mikael Avatar answered Oct 24 '22 09:10

Mikael