search

jenkinsci / publish-over-ssh-plugin

https://plugins.jenkins.io/publish-over-ssh/
117 stars 150 forks source link

[JENKINS-57495] Publish with ssh plugin does not work with openssh key #89

Open jira-importer opened 5 years ago

jira-importer commented 5 years ago

The publish over ssh plug does not accept a newly generated openssh (7.9-p1)

 

jenkins@server-two ~ $ ssh-keygen -b 1024 -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jenkins/.ssh/id_rsa):
/home/jenkins/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/jenkins/.ssh/id_rsa.
Your public key has been saved in /home/jenkins/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Dxg/hh433DNdQxDGlnWsGMmTjHGT6cEn1dPs0VbczJI jenkins@server-two
The key's randomart image is:
+---[RSA 1024]----+
| .B*@+OB|
| .o^oE+%|
| . o Bo=o|
| * . .o....|
| + S + . |
| . + = o |
| . . |
| |
| |
+----[SHA256]-----+

 

 

 

jenkins@server-two ~ $ cat ~/.ssh/id_rsa

-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAIEAtEuhS29xJQfHaJMexAlAVLf9wy2dHKh+EbXrD5DmpRq2PABjzZWK
xvU/yvfCBpyMHaMLohMLhpUSqyKQd8a7h+6fLRPc51epviFhL6rFX/lqlWy4pnL0wq0a5I
30tGXPjL8Qzc/pqHwRz8yUmA0RLOSdFgSvrBu6YA0jmTxL4ZsAAAIIb8CTnm/Ak54AAAAH
c3NoLXJzYQAAAIEAtEuhS29xJQfHaJMexAlAVLf9wy2dHKh+EbXrD5DmpRq2PABjzZWKxv
U/yvfCBpyMHaMLohMLhpUSqyKQd8a7h+6fLRPc51epviFhL6rFX/lqlWy4pnL0wq0a5I30
tGXPjL8Qzc/pqHwRz8yUmA0RLOSdFgSvrBu6YA0jmTxL4ZsAAAADAQABAAAAgGj4w79U8i
5aOhrD1ZzTuhXZTjEuRJRj8YrEPUjB19f3FnUW0QTodXVjYzH8UIZi7R1wSZyitAo2jzj+
ldh258XA28b+qFMLPo4X0E6CWevSd6kVsub9I7JxwOeQXf26QgvOAcp3o4TIJIjg8LcVQU
VdWBVPBJbebnpiLHCDJDb5AAAAQQCOldoy3U8NdOEXhh5U47BLZeMQT+KXWyfUzZ83uxRS
UvKwL60AAc1fCuhi0G50rFBZDO1f4you3ZqYbxdI5CtIAAAAQQDqyDeMZ/0U+53Ox/BFeR
Pw58F9KAjhCKYn3RMz9cUAs/NHvAnZP3o/YAANVSjHPpNnLfI7W4rughM8XroOivCPAAAA
QQDEltdLfsCuItzcJXkMquojSK7TQlsONEcL7L4bozUWcCrkicjU24sj/U1rTlQpUC74yP
out7NQioc/Yi7FmKw1AAAAEmplbmtpbnNAc2VydmVyLXR3bw==
-----END OPENSSH PRIVATE KEY-----

 

Use ssh-copy-id to copy the newly generated ssh key to the desired destination server.

 

Navigate to Configure Jenkins

Set the passphrase and path to key to blank.

 

Set the key to the above text

 

Set ssh server name, hostname, and remote directory as appropriate

Click "Test Configuration".

 

Expected behavior, the test either works, or tells me that it's unable to authenticate against the target server.

 

Actual behavior:

I get this message.

 

Failed to connect or change directory
jenkins.plugins.publish_over.BapPublisherException: Failed to add SSH key. Message [invalid privatekey: [B@d8d395a]

 

 

Subsequent activation of the "Test Configuration" button give me the same message, but with a different hex code at the end.

 

Originally reported by jonesmzmeshpp, imported from: Publish with ssh plugin does not work with openssh key
  • status: Open
  • priority: Blocker
  • resolution: Unresolved
  • imported: 2022/01/10
jira-importer commented 5 years ago

gizmo15:

Hi,

 

I have the same issue. I generate a key with this method :

ssh-keygen -t rsa -b 4096

 

And i use ssh-copy-id :

ssh-copy-id -i .ssh/id_rsa.pub jenkins@hakael.secu.loc

 

If i made an ssh -i id_rsa jenkins@hakael.secu.loc, it's works but if i use the test in the configuration console, it failed, always.

jira-importer commented 5 years ago

matkal93:

The solution for me was to export my private key in different format using puttygen- look at description in https://stackoverflow.com/questions/2224066/how-to-convert-ssh-keypairs-generated-using-puttygen-windows-into-key-pairs-us

jira-importer commented 5 years ago

ehooi:

I had the same issue and solved.

The problem is private key file format.
This is my private key header. This is from ssh-keygen on Macbook, not from puttygen.

-----BEGIN OPENSSH PRIVATE KEY-----
b3Blb....

"BEGIN OPENSSH" and "b3Blb...." means the "newer OpenSSH format".
Jenkins or plugin failed to read this format.

 

If you want to make "older" OpenSSH format, try this.
Or make your keys by using old ssh-keygen.

 

ssh-keygen -t rsa -b 4096 -m PEM

 

Your new private key should looks like this.

 

-----BEGIN RSA PRIVATE KEY-----
MIIE....

 

ps. You can't use ed25519 algorithm. Because ed25519 needs newer format.

 

jira-importer commented 3 years ago

dskrvk:

Taehyung Lim's workaround solved the issue for me. It would be great to be able to support the new format and the ed25519 algo though.