All geek questions in one place

Recommended SSH Credential Configuration for Jenkins Slaves

Problem Statement

I am looking for a recommendation on the correct way to configure SSH keys to connect to Git for our master and subordinates Jenkins. There are other similar questions here about Git, Jenkins, and SSH (closest to this ), but no one seems to be answering this question with a specific recommendation on the right path for this.

Background and testing

I am working on a prototype implementation of Jenkins with GemLab in place. We have several years of experience with Jenkins, but integration with Git is new to us. This is also the first time we have configured any sub nodes. Right now we are just trying to get a simple poll to work, no weird push notifications.

The Jenkins master instance runs on Linux (RHEL 6). There are currently 3 slaves: one other RHEL Linux server and two servers running Windows Server 2012 R2. The Jenkins Slave on Windows servers runs as a Windows service. The master and all slaves work with the updated Git v2.10.0 (64-bit).

We intend to use SSH to access GitLab. I created an SSH key with a passphrase and saved it to disk on the host computer. Then I configured the public key as the deployment key for my test project in GitLab. Finally, I added new credentials to Jenkins.

Jenkins URL- GitLab Jenkins, . . SSH GitLab , . Linux .

, Windows , Linux.

Windows

( , .)

, - SSH:

stderr: Unable to negotiate with xxxx port 22: no matching host key type found. Their offer: ssh-dss

SSH. SSH- Git ssh-dss , SSH .

, %HOME%/.ssh/config, , OpenSSH Legacy Options:

Host xxxx
   HostKeyAlgorithms +ssh-dss

Git SSH ssh-dss.

, SSH Windows SSH Git, GIT_SSH='ssh -vvv' Windows. AskUbuntu qaru.site/questions/188544/..., %HOME%/.ssh/config:

Host xxxx
   HostKeyAlgorithms +ssh-dss
   LogLevel DEBUG3

, , . , Windows, SSH, , . :

debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,hostbased
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password,hostbased
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: C:\\Users\\JENKIN~1.TMS\\AppData\\Local\\Temp\\ssh2489775972592020656key
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug2: no passphrase given, try next key
debug2: we did not send a packet, disable method

- Jenkins SSH Windows, Linux. , Jenkins SSH, , , , Linux -.

  • (, ) , , Linux, Windows. , Windows?

  • SSH ? , .

  • , , - , , ? , - ...?

+4

:

:

Source: https://habr.com/ru/post/1654876/

More articles:


All Articles