Jenkins publish over ssh shows error "jenkins.plugins.publish_over.BapPublisherException: Failed to add SSH key."
Solution 1
You will need to create a public/private key as the Jenkins user on your Jenkins server, then copy the public key to the user you want to do the deployment with on your target server.
Step 1, generate public and private key on build server as user jenkins
build1:~ jenkins$ whoami
jenkins
build1:~ jenkins$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/var/lib/jenkins/.ssh/id_rsa):
Created directory '/var/lib/jenkins/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/lib/jenkins/.ssh/id_rsa.
Your public key has been saved in /var/lib/jenkins/.ssh/id_rsa.pub.
The key fingerprint is:
[...]
The key's randomart image is:
[...]
build1:~ jenkins$ ls -l .ssh
total 2
-rw------- 1 jenkins jenkins 1679 Feb 28 11:55 id_rsa
-rw-r--r-- 1 jenkins jenkins 411 Feb 28 11:55 id_rsa.pub
build1:~ jenkins$ cat .ssh/id_rsa.pub
ssh-rsa AAAlskdjfalskdfjaslkdjf... [email protected]
Step 2, paste the pub file contents onto the target server.
target:~ bob$ cd .ssh
target:~ bob$ vi authorized_keys (paste in the stuff which was output above.)
Make sure your .ssh dir has permissoins 700 and your authorized_keys file has permissions 644
Step 3, configure Jenkins
In the jenkins web control panel, nagivate to "Manage Jenkins" -> "Configure System" -> "Publish over SSH"
Either enter the path of the file e.g. "var/lib/jenkins/.ssh/id_rsa", or paste in the same content as on the target server.
Enter your passphrase, server and user details, and you are good to go!
Solution 2
The path to key should be the path to the private key id_rsa
.
Not the public one id_rsa.pub
(which is indeed an invalid... private key)
Creating an SSH key pair has generated:
-
/var/lib/jenkins/.ssh/id_rsa
(private key) -
/var/lib/jenkins/.ssh/id_rsa.pub
(public key)
Use the old PEM format (not the new OpenSSH one)
ssh-keygen -t rsa -C "jenkins" -m PEM -P "" -f /var/lib/jenkins/.ssh/id_rsa
For an SSH session to be opened, the public key need to be copied over to the remote server, in /home/ubuntu/.ssh/authorized_keys
.
If you have the remote ubuntu user password, you can use the ssh-copy-id command, as seen here:
ssh-copy-id -i /var/lib/jenkins/.ssh/id_rsa ubuntu@remoteserverip
Then you can test, as sudo su jenkins
, the connection with ssh -Tv ubuntu@remoteserverip
Solution 3
It seems that MacOS uses a newer technology to generate the keys.
Generating the Key with -m PEM
solved the issue for me.
The complete call was: ssh-keygen -t rsa -b 4096 -m PEM
and then following the steps that Prakash said.
Related videos on Youtube
![Prakash](https://lh4.googleusercontent.com/-Lfk8c44WcB8/AAAAAAAAAAI/AAAAAAAAAAA/ACevoQOPQ_YPXl9HK9zqWDKZZaEpRiitsA/mo/photo.jpg?sz=256)
Prakash
Updated on June 04, 2022Comments
-
Prakash about 2 years
For connecting jenkins with remote server with ssh I installed publish over SSH plugin in jenkins. But after configuration it shows error as jenkins.plugins.publish_over.BapPublisherException: Failed to add SSH key. Message [invalid privatekey: [B@7934add]
Initially I logged as jenkins user in server as "sudo su jenkins" After this I typed "ssh-keygen" and give the passphrase value and given the path of key in jenkins configuration.
my passphrase is the value which I given while creating ssh-keygen
my passphrase/password is same value which I given while creating ssh-keygen. I don't am I correct with this point
But all my configuration when I click test configuration button it shows "
Failed to connect or change directory jenkins.plugins.publish_over.BapPublisherException: Failed to add SSH key. Message [invalid privatekey: [B@3085b39b]"
-
Prakash about 5 yearsThanks for your reponse. I changed it but now it shows jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [connectionName]. Message [Auth fail]]
-
Prakash about 5 yearsWhat should I give in place SSH Server Passphrase / Password field?
-
VonC about 5 years@Prakash As
sudo su jenkins
, can you try:ssh -Tv ubuntu@serveripaddress
? The remote server, on serveripaddress, should have a/home/ubuntu/.ssh/authorized_keys
file with your public key in it for said ssh session to work. -
VonC about 5 years@Prakash If you have created a pivate key with a passphrase, you should give that passphrase in that field.
-
Prakash about 5 yearsWhen I give this command as a jenkins user "ssh -Tv ubuntu@serveripaddress" it shows permission denied.
-
VonC about 5 years@Prakash Do you have the public key properly published as I mentioned before?
-
Prakash about 5 yearsTotally confused what I need to do. Can you please tell list of steps to do to connect with publish over SSH in jenkins.
-
VonC about 5 years@Prakash Sure, I have edited the answer. Let me know if I can clarify any of the steps, the main one being to copy the public key content to the
/home/ubuntu/.ssh/authorized_keys
file -
Prakash about 5 yearsThanks. I followed my answer which mentioned above.please check whether my answer is correct ?
-
VonC about 5 years@Prakash Looking good, except your screenshot in your question shows a user named "ubuntu", not "bob": make sure to enter the right user.
-
Prakash about 5 yearsSorry, that I changed to ubuntu. Whether rest of the flow is correct.
-
VonC about 5 years@Prakash Yes. Does the test I mention work? the
ssh -Tv ubuntu@serveripaddress
done from the Jenkins server, as Jenkins? -
Anptk almost 3 yearswhen i changed to the key generation command as mentioned above, i got the success.