Reputation: 3321
Jenkins configuration with ssh passphrase
I am able to run a jenkins build with a local git repository, but only with no-passphrase ssh key. When I have passphrase, I start getting permission issues in the build.
How can i configure jenkins to use passphrase?
-- I am also new to ssh. Here is how I configured my jenkins (on ubuntu).
su jenkins
ssh-keygen ....
cat key.pub
su user_with_github_repo
cd ~/.ssh/
append jenkins key.pub to authorized_keys
Upvotes: 2
Views: 8505
Answers (1)
Reputation: 746
The issue you are having is likely due to the fact that ssh will ask interactively for the passphrase. I recommend against trying to enter the passphrase non-interactively in your script as that seems to add very little in terms of security.
Rather, you could use ssh-agent and ssh-add to unlock the key and keep it in memory. ssh-add adds the key to ssh-agent, which is a deamon process. You would unlock the key when the server starts and Jenkins would then be able to authenticate using the key stored in memory.
To do this, run ssh-agent on server boot and capture its output (two exports, SSH_AUTH_SOCK and SSH_AGENT_PID) to a file. It should run as the jenkins user. Use ssh-add to unlock the key. Then source the output file whenever you want to authorise using that key, in your Jenkins build script for example. Et voila!
Upvotes: 9
Related Questions
- Connecting to Jenkins with ssh key
- how to setup ssh keys for jenkins to publish via ssh
- Jenkins: How to enter credentials for SSH login
- Why is Jenkins still asking for an ssh passphrase after passing the key?
- Jenkins Git configuration with passphrase on Windows
- Not able to add SSH Key in Jenkins Configuration
- Pass password through jenkins build step
- Jenkins ssh without password
- How to use SSH-credentials?
- Jenkins CLI Authentication