Docker jenkins image SSH keys GitHub. I have downloaded the official Docker Jenkins image and installed the Git+GitHub plugin for Jenkins. In the credentials menu I add the public key of my regular GitHub user (did not generate new) and in the build configuration I specify the git URL. Unfortunately, I get a Permission denied (public key) from GitHub.

Feb 12, 2018 Manage Jenkins – Configure credentials – Credentials – System – Add credentials. Change the credentials “Kind” to “SSH Username with private key”, then fill in the username that is used in the Bitbucket account, the private key, and the passphrase that is used to unlock the private key. Now add the public key to Bitbucket: Bitbucket – Settings – Security – SSH keys – Add keys.

For recommendations, see options for SSH keys. Generating a new SSH key pair. If you want to create: An ED25519 key, read ED25519 SSH keys. An RSA key, read RSA SSH keys. ED25519 SSH keys. The book Practical Cryptography With Go suggests that ED25519 keys are more secure and performant than RSA keys.

Jul 17, 2017 Instead of writing the SSH key to a file, using this plugin allows you to expose an SSH agent. This agent will provide SSH keys stored in Jenkins. The SSH client will connect to the agent and will be able to use the key to authenticate. Note that the private key is never written to the build slave, neither in the build container, the Agent plugin.
# The MIT License
#
# Copyright (c) 2019-2020, Alex Earl
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the 'Software'), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.

# Usage:
#  docker run jenkins/ssh-agent <public key>
# or
#  docker run -e 'JENKINS_AGENT_SSH_PUBKEY=<public key>' jenkins/ssh-agent
# or
#  docker run -e 'JENKINS_AGENT_SSH_PUBKEY=<public key>' -e 'JENKINS_AGENT_SSH_KNOWNHOST_0=<known host entry>' -e 'JENKINS_AGENT_SSH_KNOWNHOST_n=<known host entry>' jenkins/ssh-agent

[CmdletBinding()]
Param(
    [Parameter(Position=0,ValueFromRemainingArguments=$true)]
    [string] $Cmd
)

function Get-SSHDir {
    # double quotes, so that $env:JENKINS_AGENT_USER is expanded
    return Join-Path "C:/Users/$env:JENKINS_AGENT_USER" '.ssh'
}

function Check-SSHDir {
    $sshDir = Get-SSHDir
    if(-not (Test-Path $sshDir)) {
        New-Item -Type Directory -Path $sshDir | Out-Null
        # owner: the agent user; full control for the agent user and administrators only
        icacls.exe $sshDir /setowner $env:JENKINS_AGENT_USER | Out-Null
        icacls.exe $sshDir /grant $('{0}:(CI)(OI)(F)' -f $env:JENKINS_AGENT_USER) /grant 'administrators:(CI)(OI)(F)' | Out-Null
        # drop inherited ACEs so that only the explicit grants above remain
        icacls.exe $sshDir /inheritance:r | Out-Null
    }
}

function Write-Key($Key) {
    # this writes the key and sets the permissions correctly for pubkey auth
    $authorizedKeys = Join-Path (Get-SSHDir) 'authorized_keys'
    Set-Content -Path $authorizedKeys -Value "$Key" -Encoding UTF8
    icacls.exe $authorizedKeys /setowner $env:JENKINS_AGENT_USER | Out-Null
}

function Write-HostKey($Key) {
    # this writes the key and sets the permissions
    $knownHosts = Join-Path (Get-SSHDir) 'known_hosts'
    # append, so that every JENKINS_AGENT_SSH_KNOWNHOST_n entry is kept
    # (Set-Content would leave only the last one in the file)
    Add-Content -Path $knownHosts -Value "$Key" -Encoding UTF8
    icacls.exe $knownHosts /setowner $env:JENKINS_AGENT_USER | Out-Null
}

# Give the user Full Access to the home directory
icacls.exe "C:/Users/$env:JENKINS_AGENT_USER" /grant "${env:JENKINS_AGENT_USER}:(CI)(OI)(F)" | Out-Null

# check the .ssh dir permissions
Check-SSHDir

if($env:JENKINS_AGENT_SSH_PUBKEY -match '^ssh-.*') {
    Write-Key $env:JENKINS_AGENT_SSH_PUBKEY
}

$index = 0
$knownHostKeyVar = Get-ChildItem -Path "env:JENKINS_AGENT_SSH_KNOWNHOST_$index" -ErrorAction 'SilentlyContinue'
while($null -ne $knownHostKeyVar) {
    Write-HostKey $knownHostKeyVar.Value
    $index++
    # same lookup as before the loop: returns the variable (with .Value), or $null when it is not set
    $knownHostKeyVar = Get-ChildItem -Path "env:JENKINS_AGENT_SSH_KNOWNHOST_$index" -ErrorAction 'SilentlyContinue'
}

if(![System.String]::IsNullOrWhiteSpace($Cmd)) {
    if($Cmd -match '^ssh-.*') {
        Write-Key $Cmd
    } else {
        & $Cmd
        exit
    }
}

# ensure variables passed to docker container are also exposed to ssh sessions
Get-ChildItem env: | ForEach-Object { setx /m $_.Name $_.Value | Out-Null }

Start-Service sshd

# dump network information
ipconfig
netstat -a

while($true) {
    # if we don't do this endless loop, the container exits
    Start-Sleep -Seconds 60
}
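
The script above treats any value that matches '^ssh-.*' as a public key and writes it to authorized_keys unchanged; key types whose name does not begin with "ssh-" (for example ecdsa-sha2-nistp256) are skipped. A stricter check that could run before Write-Key is sketched below as an added example, not part of the jenkins/ssh-agent script: Test-SshPublicKey, its allowed-type list and the sample key are assumptions made here.

```powershell
# Added example, not part of jenkins/ssh-agent. Test-SshPublicKey is a hypothetical helper.
function Test-SshPublicKey {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory = $true)]
        [AllowEmptyString()]
        [string] $Line,
        # Assumption: the key types this deployment accepts; adjust to local policy.
        [string[]] $AllowedTypes = @('ssh-ed25519', 'ssh-rsa', 'ecdsa-sha2-nistp256')
    )

    # One key per value: an embedded line break would add further
    # authorized_keys entries from a single environment variable.
    if ($Line -match '[\r\n]') { return $false }

    # Expected shape: <type> <base64 blob> [comment]. Entries that start with
    # options such as command="..." fail the type check below.
    $fields = @($Line.Trim() -split '\s+', 3)
    if ($fields.Count -lt 2) { return $false }
    $type = $fields[0]
    if ($AllowedTypes -cnotcontains $type) { return $false }

    try { $blob = [Convert]::FromBase64String($fields[1]) } catch { return $false }
    if ($blob.Length -lt 4) { return $false }

    # The blob opens with a 4-byte big-endian length and then the key type in
    # ASCII; it has to agree with the type named in the text field.
    $len = ([int]$blob[0] -shl 24) -bor ([int]$blob[1] -shl 16) -bor ([int]$blob[2] -shl 8) -bor [int]$blob[3]
    if ($len -le 0 -or $len -gt ($blob.Length - 4)) { return $false }
    return ([System.Text.Encoding]::ASCII.GetString($blob, 4, $len) -ceq $type)
}

# Constructed sample: a well-formed ssh-ed25519 blob holding an all-zero key.
$bytes = [byte[]](0, 0, 0, 11) + [System.Text.Encoding]::ASCII.GetBytes('ssh-ed25519') +
         [byte[]](0, 0, 0, 32) + (New-Object byte[] 32)
$good = 'ssh-ed25519 ' + [Convert]::ToBase64String([byte[]]$bytes) + ' jenkins@controller'

Test-SshPublicKey -Line $good                                        # well-formed line
Test-SshPublicKey -Line 'ssh-anything not-a-key'                     # matches '^ssh-.*' only
Test-SshPublicKey -Line ($good -replace '^ssh-ed25519', 'ssh-rsa')   # text type and blob disagree
```

The check is structural only: it confirms the value is a single, well-formed key line of an accepted type, not that the key belongs to the intended Jenkins controller.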