2

I need to setup Jenkins + bitbucket integration for particular repo.

repo is as below

origin  ssh://git@git.companyName.com:7999/ta/wa-automation.git (fetch)
origin  ssh://git@git.companyName.com:7999/ta/wa-automation.git (push)

I can clone this repo, commit to it without entering email and password

But when I try command 

ssh -T git@bitbucket.org
Permission denied (publickey).

ssh -T git@bitbucket.companyName.com
Permission denied (publickey).

    ssh -Tv git@git.companyName.com -p 7999
    OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g  1 Mar 2016
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug1: Connecting to git.companyName.com [xx.xx.xxx.xx] port 7999.
    debug1: Connection established.
    debug1: identity file /home/vingleshwar/.ssh/id_rsa type 1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/vingleshwar/.ssh/id_rsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/vingleshwar/.ssh/id_dsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/vingleshwar/.ssh/id_dsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/vingleshwar/.ssh/id_ecdsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/vingleshwar/.ssh/id_ecdsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/vingleshwar/.ssh/id_ed25519 type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/vingleshwar/.ssh/id_ed25519-cert type -1
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2
    debug1: Remote protocol version 2.0, remote software version SSHD-UNKNOWN
   debug1: no match: SSHD-UNKNOWN
   debug1: Authenticating to git.companyName.com:7999 as 'git'
   debug1: SSH2_MSG_KEXINIT sent
   debug1: SSH2_MSG_KEXINIT received
   debug1: kex: algorithm: ecdh-sha2-nistp256
   debug1: kex: host key algorithm: ssh-rsa
   debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 
   compression: none
   debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 
   compression: none
   debug1: sending SSH2_MSG_KEX_ECDH_INIT
   debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
   debug1: Server host key: ssh-rsa 
   SHA256:ydycrDWOZA8h7jHiLQRh9dxRXC0cnx+rw
   debug1: Host '[git.companyName.com]:7999' is known and matches the RSA host key.
   debug1: Found key in /home/vingleshwar/.ssh/known_hosts:4
   debug1: rekey after 4294967296 blocks
   debug1: SSH2_MSG_NEWKEYS sent
   debug1: expecting SSH2_MSG_NEWKEYS
   debug1: rekey after 4294967296 blocks
   debug1: SSH2_MSG_NEWKEYS received
   debug1: SSH2_MSG_SERVICE_ACCEPT received
   debug1: Authentications that can continue: publickey
   debug1: Next authentication method: publickey
   debug1: Offering RSA public key: /home/vingleshwar/.ssh/id_rsa
   debug1: Server accepts key: pkalg ssh-rsa blen 279
   debug1: Authentication succeeded (publickey).
   Authenticated to git.companyName.com ([xx.xx.xxx.xx]:7999).
   debug1: channel 0: new [client-session]
   debug1: Entering interactive session.
   debug1: pledge: network
   debug1: Sending environment.
   debug1: Sending env LC_PAPER = de_DE.UTF-8
   debug1: Sending env LC_ADDRESS = de_DE.UTF-8
   debug1: Sending env LC_MONETARY = de_DE.UTF-8
   debug1: Sending env LC_NUMERIC = de_DE.UTF-8
   debug1: Sending env LC_TELEPHONE = de_DE.UTF-8
   debug1: Sending env LC_IDENTIFICATION = de_DE.UTF-8
   debug1: Sending env LANG = en_US.UTF-8
   debug1: Sending env LC_MEASUREMENT = de_DE.UTF-8
   debug1: Sending env LC_TIME = de_DE.UTF-8
   debug1: Sending env LC_NAME = de_DE.UTF-8
   shell request failed on channel 0

I don't have admin access to company's bitbucket server.

https://bitbucket.companyName.com/plugins/servlet/ssh/account/keys has got public key entry

How to fix this issue ?

[Solution] - Below accepted answer helped to debug and fix as below

  • https://confluence.atlassian.com/bitbucket/set-up-an-ssh-key-728138079.html "To create a key with a name or path other than the default," without passphrase. Earlier ssh keys created with passphrase didn't work

  • xclip -selection clipborad < ~/.ssh/my-new-ssh-key.pub added under bitbucket Account SSH keys

  • xclip -selection clipborad < ~/.ssh/my-new-ssh-key added under Jenkins credentials SSH username with private key

vikramvi
  • 3,312
  • 10
  • 45
  • 68
  • try https://confluence.atlassian.com/bitbucket/troubleshoot-ssh-issues-271943403.html – sam Jan 16 '18 at 07:11

1 Answers1

0

Do a ssh -Tv git@git.companyName.com -p 7889 to see what public key is actually used to connect successfully to your internal server.

Then make sure that public key is actually the one registered in your BitBucket account.

As mentioned by the OP, using a key with passphrase was an issue.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Getting below error OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * ssh: Could not resolve hostname git.companyName:7889: Name or service not known what may be going wrong here ? I could able to clone and commit to this repo with ssh keys and checked under /plugins/servlet/ssh/account/keys that public ssh key is correct. Q.2) Will it make different if ssh key is password protected ? – vikramvi Jan 16 '18 at 11:38
  • @vikramvi Sorry, the syntax for the ssh command was not the right one, I have edited my answer (following https://askubuntu.com/questions/264046/how-to-ssh-on-a-port-other-than-22) – VonC Jan 16 '18 at 11:51
  • @vikramvi Start with an ssh key without passphrase. Easier to debug. – VonC Jan 16 '18 at 11:51
  • I've create new set of keys without passpharse and tried your command got lots of debug1: messages and in the end debug1: Sending env LC_TIME = de_DE.UTF-8 debug1: Sending env LC_NAME = de_DE.UTF-8 shell request failed on channel 0. Atleast there is some progress now :) does this mean all is good or still something is missing ? – vikramvi Jan 16 '18 at 13:41
  • @vikramvi did you register your public key in your account ssh key page setting, on the git server? – VonC Jan 16 '18 at 13:42
  • Yes, I did in bitbucket under https://bitbucket.companyName.com/plugins/servlet/ssh/account/keys – vikramvi Jan 16 '18 at 13:45
  • @vikramvi I mentioned -p 7889 because of your question, but you mention also ssh -T git@bitbucket.companyName.com: so do you need the 7889 port here? What `ssh -Tv git@git.companyName.com` alone return? – VonC Jan 16 '18 at 13:47
  • vingleshwar@NB112:~$ ssh -T git@git.companyName.com Permission denied (publickey). vingleshwar@NB112:~$ ssh -T git@git.companyName.com -p 7999 shell request failed on channel 0 – vikramvi Jan 16 '18 at 13:48
  • Let's assume you don't need 7889 (7889 by the way, from your question, not 7999 like your last comment): can you edit your question with the result of `ssh -Tv git@git.companyName.com` (note the 'v' here) – VonC Jan 16 '18 at 13:51
  • sorry for confusion about port id, I've modified it while submitting question when I do git remote -v origin ssh://git@git.companyName.com:7999/ta/wa-automation.git (fetch) origin ssh://git@git.companyName.com:7999/ta/wa-automation.git (push) Shall I still go ahead and edit my question ? As there is port involved here – vikramvi Jan 16 '18 at 14:09
  • @vikramvi if the port is actually needed, then you would need to edit the question with `ssh -Tv git@git.companyName.com -p 7999` (it's `-Tv` , not just `-T`) – VonC Jan 16 '18 at 14:11
  • @vikramvi the '....' could be interesting to look at, but regarding the last error message, would https://stackoverflow.com/q/27021641/6309 help? Or https://serverfault.com/q/351162/783? (What is your client OS by the way?) – VonC Jan 16 '18 at 14:21
  • Ubuntu 16.04, I've added whole output please check – vikramvi Jan 16 '18 at 14:53
  • 2
    @vikramvi Strange: it *seems* to authenticate properly but then fails on that channel issue. Hence my previous comment and links. – VonC Jan 16 '18 at 21:34
  • "to see what public key is actually used to connect successfully to your internal server" - where in the output can I see what public key is being used? – Bernard Esterhuyse Oct 19 '20 at 12:30
  • @BernardEsterhuyse The verbose output of a `ssh -Tv` will display all the keys tried, with their full path. Look for `Offering RSA public key:` for instance. – VonC Oct 19 '20 at 12:41