Gerrit Code Reivew not accepting ssh credentials from Jenkins

Question

I have been trying to get a Jenkins build to pull from my Gerrit repo using SSH. I created a user named jenkinsbuild in Gerrit, and entered the public key for the user.

I am using the Git SCM option and using the Credentials plugin. For my Credentials, I set the user name the jenkinsbuild and enter the private key directly (rather than pointing to the key file).

My SCM configuration looks like this

Repository URL: ssh://jenkinsbuild@domain.com:29418/test/testgit

Credentials jenkinsbuild (Jenkins Credentials)

When I run the build, it gets hung up on trying to fetch from the GIT repo. It polls for 10 minutes, then the process times out. I have looked at /var/log/secure on the Gerrit server and seen errors like:

Jun  8 11:06:25 xxxxx sshd[9887]: Invalid user jenkinsbuild from xx.xx.xxx.xxx
Jun  8 11:06:25 xxxxx sshd[9887]: debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 0
Jun  8 11:06:25 xxxxx sshd[9887]: debug3: mm_request_send entering: type 8
Jun  8 11:06:25 xxxxx sshd[9888]: input_userauth_request: invalid user jenkinsbuild

In order to debug that issue, I logged on to the Jenkins server as jenkinsbuild and tried to do a git clone of the repository. It worked (after some tinkering). I am not sure why I can clone directly from the server but not from Jenkins.

Does anyone have any advice on how I can further debug this issue?

Answer 1

Turns out that the GIT plugin for Jenkins (at least the version I am on) doesnt support ssh keys with passphrases. Seems kind of odd since it uses the Credentials plugin, which allows you to provide a passphrase.

There are plenty of bugs open for it, including JENKINS-20879

The solution was to regenerate the ssh keys without a passphrase.