Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-20638

SSH key credential doesn't work with key passphrase

    Details

    • Similar Issues:

      Description

      I added a SSH key credential with a passphrase set on the key. This credential was used in a job as credentials for a Git clone via ssh. The job was not able to execute the Git clone. It failed with the following error in the log:

      stdout: Cloning into '/var/lib/jenkins/jobs/Begin_Release/workspace'...

      stderr: Permission denied, please try again.
      Permission denied, please try again.
      Permission denied (publickey,password).
      fatal: The remote end hung up unexpectedly

      Inspecting the SSH log on the repository server revealed that the publickey method was never attempted. Executing the command as the Jenkins user from the commandline worked.

      This could only resolved by removing the passphrase from the key after which the job was able to clone the repository and execute as expected.

        Attachments

          Issue Links

            Activity

            Hide
            idemax Marcelo Filho added a comment -

            Are the same?

            stderr: Permission denied, please try again.
            Permission denied, please try again.
            Permission denied (publickey,password).
            fatal: Could not read from remote repository.
            
            Show
            idemax Marcelo Filho added a comment - Are the same? stderr: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,password). fatal: Could not read from remote repository.
            Hide
            markewaite Mark Waite added a comment -

            The change submitted as a fix for JENKINS-27998 may also resolve this bug. It is a partial fix in that it works on the Linux variants I've tried, but does not work on Windows.

            The git plugin and git client plugin are being tested in hopes of releasing new versions before the end of June. If you're willing to assist with the testing, please download and install a pre-release build of the git client plugin and the git plugin. Problems detected in the pre-release should be e-mailed to Mark Waite and Nicolas De Loof.

            I wrote some test ideas if you would like suggestions of areas that need testing. The git plugin supports many different use cases and its automated tests only evaluate a very few of those use cases.

            Show
            markewaite Mark Waite added a comment - The change submitted as a fix for JENKINS-27998 may also resolve this bug. It is a partial fix in that it works on the Linux variants I've tried, but does not work on Windows. The git plugin and git client plugin are being tested in hopes of releasing new versions before the end of June. If you're willing to assist with the testing, please download and install a pre-release build of the git client plugin and the git plugin . Problems detected in the pre-release should be e-mailed to Mark Waite and Nicolas De Loof . I wrote some test ideas if you would like suggestions of areas that need testing. The git plugin supports many different use cases and its automated tests only evaluate a very few of those use cases.
            Hide
            markewaite Mark Waite added a comment -

            Included in git client plugin 1.18.0 released 18 July 2015 for Unix based clients. Not resolved, and not clear if it can be resolved for Windows based clients.

            Show
            markewaite Mark Waite added a comment - Included in git client plugin 1.18.0 released 18 July 2015 for Unix based clients. Not resolved, and not clear if it can be resolved for Windows based clients.
            Hide
            dejayc Dejay Clayton added a comment -

            I'm experiencing this issue for the first time, after my coworker updated all Jenkins plugins. git-client was upgraded to v1.18.0. I'm not sure what version was previously installed.

            Keys without passwords work fine; keys with passwords no longer work.

            If I log into the shell account for the Jenkins tomcat user, I see the following message echoed to the screen whenever Jenkins attempts to verify the Git credentials:

            "Enter passphrase for key '/home/tomcat/tomcat/temp/ssh8175827570904316216key':

            This problem persists in git-client versions 1.18 and 1.19. I'm not sure what version was installed when passwords seemed to work properly.

            I'm using Jenkins 1.622 on Ubuntu 14.04.3 LTS, and Jenkins 1.617 on Yosemite. My repositories are hosted on GitHub.

            Show
            dejayc Dejay Clayton added a comment - I'm experiencing this issue for the first time, after my coworker updated all Jenkins plugins. git-client was upgraded to v1.18.0. I'm not sure what version was previously installed. Keys without passwords work fine; keys with passwords no longer work. If I log into the shell account for the Jenkins tomcat user, I see the following message echoed to the screen whenever Jenkins attempts to verify the Git credentials: "Enter passphrase for key '/home/tomcat/tomcat/temp/ssh8175827570904316216key': This problem persists in git-client versions 1.18 and 1.19. I'm not sure what version was installed when passwords seemed to work properly. I'm using Jenkins 1.622 on Ubuntu 14.04.3 LTS, and Jenkins 1.617 on Yosemite. My repositories are hosted on GitHub.
            Hide
            markewaite Mark Waite added a comment -

            Dejay Clayton comments on his investigation are in JENKINS-20879

            Show
            markewaite Mark Waite added a comment - Dejay Clayton comments on his investigation are in JENKINS-20879

              People

              • Assignee:
                stephenconnolly Stephen Connolly
                Reporter:
                f_zschocke Florian Zschocke
              • Votes:
                1 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: