3

I have a building-server where I have Jenkins 2.73.3 and another servers where I deploy my apps.

I have also set up a credential to connect from building-server to the other servers.

But everytime I add another server it is difficult to add it because I set up the authorized key in the new server and in the command line works, but not in Jenkins.

Here is a little recipe that fails:

pipeline {
  agent any

  stages {

    stage('Set conditions') {
      steps {
        sshagent(['xxxx-xxxx-xxxx-xxxx-xxxx']) {
          sh "ssh user@product.company.com 'echo $HOME'"
        }
      }
    }

  }
}

And here is the Log failure:

[ssh-agent] Started.
[Pipeline] {
[Pipeline] sh
[check] Running shell script
+ ssh user@product.company.com echo /var/lib/jenkins
$ ssh-agent -k
unset SSH_AUTH_SOCK;
unset SSH_AGENT_PID;
echo Agent pid 12567 killed;
[ssh-agent] Stopped.
Host key verification failed.
[Pipeline] }
[Pipeline] // sshagent
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 255
Finished: FAILURE
Gerold Broser
  • 14,080
  • 5
  • 48
  • 107
agusgambina
  • 6,229
  • 14
  • 54
  • 94
  • Possible duplicate of [Jenkins Host key verification failed](https://stackoverflow.com/questions/15174194/jenkins-host-key-verification-failed) – Damon Apr 14 '18 at 20:29

2 Answers2

5

It seems that the solution was to add the parameter StrictHostKeyChecking to the shell script line

sh "ssh -o StrictHostKeyChecking=no user@product.company.com 'echo $HOME'"
agusgambina
  • 6,229
  • 14
  • 54
  • 94
  • 3
    While this will work, this bypasses the verification that the target host is who you want to connect to and is a potential for exploit. You should instead add the target to the build agent's `~/.ssh/known_hosts` file by trying to ssh from each build agent to the target host (or from Jenkins master if not using build agents). See [this answer](https://stackoverflow.com/a/15196114/734790) to [this question](https://stackoverflow.com/questions/15174194/jenkins-host-key-verification-failed) – Damon Apr 14 '18 at 20:28
0

Facing the similar error to perform ssh a new windows machine from Linux machine through Jenkins, while directly ssh command is working in Linux terminal. Struck with this problem.

Below is logs of failed job to new server:

users@tmp/private_key_1077665481980629372.key)
[ssh-agent] Started.
[Pipeline] {
[Pipeline] sh
/ama/scm/jenkins/.jenkins/workspace/ABI
+ ssh -o StrictHostKeyChecking=no pms4@mucad
[Pipeline] }
$ ssh-agent -k
unset SSH_AUTH_SOCK;
unset SSH_AGENT_PID;
echo Agent pid 909718 killed;
[ssh-agent] Stopped.
[Pipeline] // sshagent
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 255
Finished: FAILURE

Below is logs of Succeeded job to old server:

users@tmp/private_key_5520255635089660340.key)
[ssh-agent] Started.
[Pipeline] {
[Pipeline] sh
/ama/scm/jenkins/.jenkins/workspace/ABI
+ ssh -o StrictHostKeyChecking=no pms4@mucadt
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.

mucmspdom\pms4@MUCADTV52 C:\Users\pms4>      f:

mucmspdom\pms4@MUCADTV52 F:\>         call logoff_users.bat 
logoff disconnect user 16
logoff active user 17
logoff disconnect user 65536

mucmspdom\pms4@MUCADTV F:\>         
mucmspdom\pms4@MUCADTV F:\>
[Pipeline] }
$ ssh-agent -k
unset SSH_AUTH_SOCK;
unset SSH_AGENT_PID;
echo Agent pid 909630 killed;
[ssh-agent] Stopped.
[Pipeline] // sshagent
[Pipeline] }
[Pipeline] // stage
[Pipeline] sh
+ echo 'Task Complete. Goodbye!'
Task Complete. Goodbye!
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
Finished: SUCCESS
Maruthi S
  • 1
  • As it’s currently written, your answer is unclear. Please [edit] to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Mar 23 '23 at 22:41