0

I have installed git in the Linux server(Server1) and created a remote git repository in that server1 Now I need to clone the git repository to server2 through Jenkins so I installed Jenkins in the server2, Now Jenkins was hosted in server2.

In Jenkins I have created a freestyle project, In the Repository URL section, I entered the URL of git repo like: git@<server1_ip>:/opt/dev/repo/pals/ui.git

For authentication, I have tried each credential one by one given below:

git repo username and password git repo username and SSH Private key Jenkins username and password Jenkins username and SSH Private key But I am facing the below error:

Repository URL

git@<server1_ip>:/opt/dev/repo/pals/ui.git

Failed to connect to repository : Command "git ls-remote -h -- git@<server1_ip>:/opt/dev/repo/pals/ui.git HEAD" returned status code 128: stdout: stderr: Permission denied, please try again. Permission denied, please try again. git@<server1_ip>: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.

Naveen Srinivasan
  • 15
  • 2

1 Answers1

0

git@<server1_ip>:/opt/dev/repo/pals/ui.git

That is an SSH URL, which means you need to:

  • register the private key in Jenkins server2 using the Jenkins SSH Credential plugin (try a passphrase-less key, to avoid any issue with SSH agent, for testing)
  • make sure server1:~git/.ssh/authorized_key has the public key in it.

On server2, you can at least test ssh -i /path/to/private/key git@server1 to make sure that works first. Then test from Jenkins.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Hi ssh -i /path/to/private/key git@server1 The above command itself was not working in server2. When I enter the above it asks me to enter the Password. please help me on this. – Naveen Srinivasan Aug 21 '22 at 03:48
  • @NaveenSrinivasan Sorry for the delay, I had to get away from the keyboard for a while today. Try to create a new SSH key *without* passphrase (for testing) and register it through the Jenkins SSH Credential Plugin. `ssh-keygen -t rsa -P "" -f /path/to/new/private/key2`. Obviously, replace `/path/to/new/private/key2` by the actual full pathname of the new key file. – VonC Aug 21 '22 at 17:40
  • I tried this, but no luck. I updated the private key in Jenkins and the public key in the authorized_key file in server1's git account. – Naveen Srinivasan Aug 22 '22 at 04:07
  • @NaveenSrinivasan Can you try in command line from Server2 to check (using the same account as the one running Jenkins running on that same Server2) to open an SSH session to Server1: `ssh -i /path/to/new/private/key2 git@`. Again, assuming `server1:~git/.ssh/authorized_key` does have the new public key in it. – VonC Aug 22 '22 at 06:33
  • **@VonC** If I try means `ssh -i /path/to/new/private/key2 git@` It didn't take key authentication, It asks me to enter the password of the git account of server1. The key authentication was also enabled on both servers. Yes, Here `server1:~git/.ssh/authorized_key` The new public key of the Jenkins account of server2 is only available. – Naveen Srinivasan Aug 22 '22 at 10:44
  • @NaveenSrinivasan If it asks for a password (for a passphrase-less key), that means the public key from Server2 was not properly added to `server1:~git/.ssh/authorized_key` (maybe added as multiple lines instead of a single line). – VonC Aug 22 '22 at 13:58
  • I could able to login successfully to the root account of server1 using key authentication. But for the git user account of server1 alone asks password even using key authentication. – Naveen Srinivasan Aug 22 '22 at 16:36
  • @NaveenSrinivasan In your root session on Server1, can you double-check the content of `~git/.ssh/authorized_key`, and triple-check the rights (`chmod`) and ownership (`chown`) of `~git/.ssh`? (rights [as seen here](https://stackoverflow.com/a/65680033/6309)) – VonC Aug 22 '22 at 19:10
  • The below both the locations have the same public key only `~git/.ssh/authorized_key` `~root/.ssh/authorized_key` The Permission of `~git/.ssh` **700** chown was **git:git** The Permission of `~git/.ssh/authorized_key` **600** chown was **git:git** – Naveen Srinivasan Aug 24 '22 at 04:58
  • @NaveenSrinivasan If that public key is the one matching Server2 private key, then `ssh -i /path/to/new/private/key2 git@` should not ask for any password (unless the private key was created encrypted) – VonC Aug 24 '22 at 05:04