Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57495

Publish with ssh plugin does not work with openssh key

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Blocker
    • Resolution: Unresolved
    • Labels:
      None
    • Environment:
      Jenkins ver. 2.164.2
      Publish Over SSH 1.20.1
    • Similar Issues:

      Description

      The publish over ssh plug does not accept a newly generated openssh (7.9-p1)

       

      jenkins@server-two ~ $ ssh-keygen -b 1024 -t rsa
      Generating public/private rsa key pair.
      Enter file in which to save the key (/home/jenkins/.ssh/id_rsa):
      /home/jenkins/.ssh/id_rsa already exists.
      Overwrite (y/n)? y
      Enter passphrase (empty for no passphrase):
      Enter same passphrase again:
      Your identification has been saved in /home/jenkins/.ssh/id_rsa.
      Your public key has been saved in /home/jenkins/.ssh/id_rsa.pub.
      The key fingerprint is:
      SHA256:Dxg/hh433DNdQxDGlnWsGMmTjHGT6cEn1dPs0VbczJI jenkins@server-two
      The key's randomart image is:
      +---[RSA 1024]----+
      | .B*@+OB|
      | .o^oE+%|
      | . o Bo=o|
      | * . .o....|
      | + S + . |
      | . + = o |
      | . . |
      | |
      | |
      +----[SHA256]-----+

       

       

       

      jenkins@server-two ~ $ cat ~/.ssh/id_rsa
      
      -----BEGIN OPENSSH PRIVATE KEY-----
      b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAlwAAAAdzc2gtcn
      NhAAAAAwEAAQAAAIEAtEuhS29xJQfHaJMexAlAVLf9wy2dHKh+EbXrD5DmpRq2PABjzZWK
      xvU/yvfCBpyMHaMLohMLhpUSqyKQd8a7h+6fLRPc51epviFhL6rFX/lqlWy4pnL0wq0a5I
      30tGXPjL8Qzc/pqHwRz8yUmA0RLOSdFgSvrBu6YA0jmTxL4ZsAAAIIb8CTnm/Ak54AAAAH
      c3NoLXJzYQAAAIEAtEuhS29xJQfHaJMexAlAVLf9wy2dHKh+EbXrD5DmpRq2PABjzZWKxv
      U/yvfCBpyMHaMLohMLhpUSqyKQd8a7h+6fLRPc51epviFhL6rFX/lqlWy4pnL0wq0a5I30
      tGXPjL8Qzc/pqHwRz8yUmA0RLOSdFgSvrBu6YA0jmTxL4ZsAAAADAQABAAAAgGj4w79U8i
      5aOhrD1ZzTuhXZTjEuRJRj8YrEPUjB19f3FnUW0QTodXVjYzH8UIZi7R1wSZyitAo2jzj+
      ldh258XA28b+qFMLPo4X0E6CWevSd6kVsub9I7JxwOeQXf26QgvOAcp3o4TIJIjg8LcVQU
      VdWBVPBJbebnpiLHCDJDb5AAAAQQCOldoy3U8NdOEXhh5U47BLZeMQT+KXWyfUzZ83uxRS
      UvKwL60AAc1fCuhi0G50rFBZDO1f4you3ZqYbxdI5CtIAAAAQQDqyDeMZ/0U+53Ox/BFeR
      Pw58F9KAjhCKYn3RMz9cUAs/NHvAnZP3o/YAANVSjHPpNnLfI7W4rughM8XroOivCPAAAA
      QQDEltdLfsCuItzcJXkMquojSK7TQlsONEcL7L4bozUWcCrkicjU24sj/U1rTlQpUC74yP
      out7NQioc/Yi7FmKw1AAAAEmplbmtpbnNAc2VydmVyLXR3bw==
      -----END OPENSSH PRIVATE KEY-----

       

      Use ssh-copy-id to copy the newly generated ssh key to the desired destination server.

       

      Navigate to Configure Jenkins

      Set the passphrase and path to key to blank.

       

      Set the key to the above text

       

      Set ssh server name, hostname, and remote directory as appropriate

      Click "Test Configuration".

       

      Expected behavior, the test either works, or tells me that it's unable to authenticate against the target server.

       

      Actual behavior:

      I get this message.

       

      Failed to connect or change directory
      jenkins.plugins.publish_over.BapPublisherException: Failed to add SSH key. Message [invalid privatekey: [B@d8d395a]
      

       

       

      Subsequent activation of the "Test Configuration" button give me the same message, but with a different hex code at the end.

       

        Attachments

          Activity

          Hide
          gizmo15 Boris Tassou added a comment -

          Hi,

           

          I have the same issue. I generate a key with this method :

          ssh-keygen -t rsa -b 4096

           

          And i use ssh-copy-id :

          ssh-copy-id -i .ssh/id_rsa.pub jenkins@hakael.secu.loc

           

          If i made an ssh -i id_rsa jenkins@hakael.secu.loc, it's works but if i use the test in the configuration console, it failed, always.

          Show
          gizmo15 Boris Tassou added a comment - Hi,   I have the same issue. I generate a key with this method : ssh-keygen -t rsa -b 4096   And i use ssh-copy-id : ssh-copy-id -i .ssh/id_rsa.pub jenkins@hakael.secu.loc   If i made an ssh -i id_rsa jenkins@hakael.secu.loc , it's works but if i use the test in the configuration console, it failed, always.
          Hide
          matkal93 Adam slodowy added a comment -

          The solution for me was to export my private key in different format using puttygen- look at description in https://stackoverflow.com/questions/2224066/how-to-convert-ssh-keypairs-generated-using-puttygen-windows-into-key-pairs-us

          Show
          matkal93 Adam slodowy added a comment - The solution for me was to export my private key in different format using puttygen- look at description in  https://stackoverflow.com/questions/2224066/how-to-convert-ssh-keypairs-generated-using-puttygen-windows-into-key-pairs-us
          Hide
          ehooi Taehyung Lim added a comment -

          I had the same issue and solved.

          The problem is private key file format.
          This is my private key header. This is from ssh-keygen on Macbook, not from puttygen.

          -----BEGIN OPENSSH PRIVATE KEY-----
          b3Blb....

          "BEGIN OPENSSH" and "b3Blb...." means the "newer OpenSSH format".
          Jenkins or plugin failed to read this format.

           

          If you want to make "older" OpenSSH format, try this.
          Or make your keys by using old ssh-keygen.

           

          ssh-keygen -t rsa -b 4096 -m PEM

           

          Your new private key should looks like this.

           

          -----BEGIN RSA PRIVATE KEY-----
          MIIE....

           

          ps. You can't use ed25519 algorithm. Because ed25519 needs newer format.

           

          Show
          ehooi Taehyung Lim added a comment - I had the same issue and solved. The problem is private key file format. This is my private key header. This is from ssh-keygen on Macbook, not from puttygen. -----BEGIN OPENSSH PRIVATE KEY----- b3Blb.... "BEGIN OPENSSH" and "b3Blb...." means the "newer OpenSSH format". Jenkins or plugin failed to read this format.   If you want to make "older" OpenSSH format, try this. Or make your keys by using old ssh-keygen.   ssh-keygen -t rsa -b 4096 -m PEM   Your new private key should looks like this.   -----BEGIN RSA PRIVATE KEY----- MIIE....   ps. You can't use ed25519 algorithm. Because ed25519 needs newer format.  

            People

            • Assignee:
              Unassigned
              Reporter:
              jonesmzmeshpp Michael Jones
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated: