Alberto Gallardo added a comment - 2016-02-09 15:54 More environment info: I'm using the jenkins on the embedded winstone server. $zypper info jenkins [...] Name: jenkins Version: 1.647-1.2 Arch: noarch [...] $java -version java version "1.7.0_79" Java(TM) SE Runtime Environment (build 1.7.0_79-b15) Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode) # winstone.jar/META-INF/MANIFEST.MF: [...] Implementation-Title: Winstone Implementation-Version: 2.9 [...]

Alberto Gallardo added a comment - 2016-02-09 16:00 Apparently, there is not much more I can test: I have disabled the 'SSH Slaves plugin' (I don't have slaves). The GUI renders the error independently of the 'Build Environment > SSH Agent' setting. If it helps, when setting this 'SSH Agent' option, the job fails with this message (I have to launch it manually): Started by user ... Building in workspace /srv/jenkins/jobs/Tests/jobs/test_github_jenkins_integration_ghp/workspace [ssh-agent] Looking for ssh-agent implementation... [ssh-agent] Java/JNR ssh-agent [ssh-agent] Started. [ssh-agent] Unable to read key: Unable to create OpenSSL PBDKF: PBKDF-OpenSSL SecretKeyFactory not available org.bouncycastle.openssl.PEMException: Unable to create OpenSSL PBDKF: PBKDF-OpenSSL SecretKeyFactory not available at org.bouncycastle.openssl.jcajce.PEMUtilities.getKey(Unknown Source) at org.bouncycastle.openssl.jcajce.PEMUtilities.getKey(Unknown Source) at org.bouncycastle.openssl.jcajce.PEMUtilities.crypt(Unknown Source) at org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder$1$1.decrypt(Unknown Source) at org.bouncycastle.openssl.PEMEncryptedKeyPair.decryptKeyPair(Unknown Source) at com.cloudbees.jenkins.plugins.sshagent.jna.JNRRemoteAgent.addIdentity(JNRRemoteAgent.java:98) at com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper$SSHAgentEnvironment.add(SSHAgentBuildWrapper.java:388) at com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper.preCheckout(SSHAgentBuildWrapper.java:227) at jenkins.scm.SCMCheckoutStrategy.preCheckout(SCMCheckoutStrategy.java:76) at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:528) at hudson.model.Run.execute(Run.java:1738) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:98) at hudson.model.Executor.run(Executor.java:410) Caused by: java.security.NoSuchAlgorithmException: PBKDF-OpenSSL SecretKeyFactory not available at javax.crypto.SecretKeyFactory.<init>(SecretKeyFactory.java:121) at javax.crypto.SecretKeyFactory.getInstance(SecretKeyFactory.java:159) at org.bouncycastle.jcajce.util.DefaultJcaJceHelper.createSecretKeyFactory(Unknown Source) ... 14 more [ssh-agent] Using credentials jenkins (jenkins.tests.id_rsa pass) Wiping out workspace first. Cloning the remote Git repository Cloning repository git@github.tik.uni-stuttgart.de:NFL/tests.git > git init /srv/jenkins/jobs/Tests/jobs/test_github_jenkins_integration_ghp/workspace # timeout=10 Fetching upstream changes from git@github.tik.uni-stuttgart.de:NFL/tests.git > git --version # timeout=10 using GIT_SSH to set credentials jenkins.tests.id_rsa pass > git -c core.askpass=true fetch --tags --progress git@github.tik.uni-stuttgart.de:NFL/tests.git +refs/heads/*:refs/remotes/origin/* ERROR: Error cloning remote repo 'origin' hudson.plugins.git.GitException: Command "git -c core.askpass=true fetch --tags --progress git@github.tik.uni-stuttgart.de:NFL/tests.git +refs/heads/*:refs/remotes/origin/*" returned status code 128: stdout: stderr: Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.

SCM/JIRA link daemon added a comment - 2016-02-09 17:54 Code changed in jenkins User: Mark Waite Path: README.md http://jenkins-ci.org/commit/git-client-plugin/fda981f35a28683f53b480ffad779850bfaebc39 Log: [Fix JENKINS-32834] don't break ssh passphrase in few working cases Refer to 7711aacb34aa597a92aad14e8d7429347a920b8d README change because I made a mistake in commit message for 7711aacb

Mark Waite added a comment - 2016-02-09 22:53 - edited I'm still perplexed how you make it work in your environment. I added the ssh-agent plugin to my Jenkins installation, modified the job I had previously defined to use a passphrase protected credential for its git repository, then selected that same passphrase protected credential for use by the ssh-agent in the " Build Environment " section of the job configuration. I then encountered what appears to be JENKINS-32120 (ssh-agent fails when using a passphrase protected key). I'm even more perplexed because your config.xml does not include the ssh-agent build wrapper that I was expecting. Are you sure that is the job configuration file of one of the jobs using ssh-agent?

Mark Waite added a comment - 2016-02-10 04:23 Fixed in git client plugin 1.19.4, released 9 Feb 2016

Alberto Gallardo added a comment - 2016-02-10 06:49 I'm still perplexed how you make it work in your environment. Re-reading my posts, I'm afraid I have confused you a bit. I'm sorry. " I'm using the ssh-agent " as in " I have installed it " (it's a GitHub Pull Request Builder dependency). The problem is that I'm not that familiarized with each plugin responsibility, and I assumed that it was a jenkins core component already being used. I added the ssh-agent plugin to my Jenkins installation, modified the job I had previously defined to use a passphrase protected credential for its git repository, then selected that same passphrase protected credential for use by the ssh-agent in the "Build Environment" section of the job configuration. I then encountered what appears to be JENKINS-32120 (ssh-agent fails when using a passphrase protected key). That confirms my findings in my previous post . Thanks! I'm even more perplexed because your config.xml does not include the ssh-agent build wrapper that I was expecting. Are you sure that is the job configuration file of one of the jobs using ssh-agent? My fault making you believe I was using it: no, I'm not using it in this job. I have now re-tested, removing the "ssh agent" plugin (and consequently, the "github pull request builder" plugin). The problem is always reproducible, and I can confirm that the commit revert still works (built git-client git-client-1.19.4 from github). Unfortunatelly, my jenkins doesn't see the new 1.19.4 release yet.

Alberto Gallardo added a comment - 2016-02-10 06:57 If it helps, I have the 'SSH Credentials Plugin' v. 1.11 installed.

Niklas Baudy added a comment - 2016-02-10 10:33 I'm also having the same problems when running 1.19.3. I have Jenkins on Mac also with SSH Credentials Plugin v1.11. Also I can't see the 1.19.4 release yet, do you know when we'll be able to see it?

Mark Waite added a comment - 2016-02-10 14:16 I've confirmed the update center now shows git client plugin 1.19.4. Be sure you refresh the update center by pressing the "Check Now" button in the Jenkins Update Center web page.

Alberto Gallardo added a comment - 2016-02-11 15:48 Confirmed that the version from the update center works for me.