Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-58100

sshagent doesn't get the private key correctly from credential

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Incomplete
    • Icon: Blocker Blocker
    • ssh-agent-plugin
    • None

      Description: I have a problem to use the private key from my credential to establish ssh connection on my remote server.

      when i use physique private key stocked on my server the ssh connection is well done , but when i use sshagent to get the private key form the credential which have the same key (allready verified) the connection is failed.

      /!\ i'm using sshagent in the groovy pipeline because i need to use differents credentials :

       stage {

          steps {             

                sshagent (credentials: ['f6cd2c20-74c6-48c1-b728-cce2b7c99687']) \{                                                  dir("${PLAY_PATH}") { 

                      ansiblePlaybook(                       

                          colorized: true,                       

                          installation: 'ansible', 

                          playbook: 'deploy_dc.yaml',  

                          hostKeyChecking: false,   

                          extras: '-vvvv',                       

                          extraVars: [   USER: "${USER_ID}", application: "${Application}" ]                                                                                       )                }           }            }        }

 

 

{color:#de350b}*ERROR:*{color}

ssh-agent] Using credentials jenkins
 [ssh-agent] Looking for ssh-agent implementation...
 [ssh-agent] Exec ssh-agent (binary ssh-agent on a remote machine)
 $ ssh-agent
 SSH_AUTH_SOCK=/tmp/ssh-YIpaWLmGXvTs/agent.96914
 SSH_AGENT_PID=96918
 Running ssh-add (command line suppressed)
 Identity added: /app/list/jenkins/workspace/VFI_SILO1_ETAT_TEST@tmp/private_key_5247074270144721685.key (/app/list/jenkins/workspace/VFI_SILO1_ETAT_TEST@tmp/private_key_5247074270144721685.key)
 [ssh-agent] Started.
 [Pipeline] {
 [Pipeline] dir
 Running in /app/list/ansible/Ansible
 [Pipeline] {
 [Pipeline] ansiblePlaybook
 [AnsibleCAGIP] $ ansible-playbook deploy_dc.yaml -e USER=jenkins -e application=wn --vvvv
 ansible-playbook 2.4.2.0
 config file = /app/list/ansible/Ansible/configuration/ansible_LR023MID.cfg
 configured module search path = [u'/app/list/home/dcexploit/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
 ansible python module location = /usr/lib/python2.7/site-packages/ansible
 executable location = /usr/bin/ansible-playbook
 python version = 2.7.5 (default, Mar 26 2019, 22:13:06) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
 Using /app/list/ansible/AnsibleCAGIP/configuration/ansible_LR023MID.cfg as config file
 setting up inventory plugins
 Parsed /app/list/ansible/AnsibleCAGIP/configuration/hosts_LR023MID inventory source with ini plugin

Loading callback plugin debug of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/__init__.pyc

PLAYBOOK: deploy_dc.yaml *******************************************************
 1 plays in deploy_dc.yaml
 PLAY [wn.s1n.integration.stop] *************************************************
 Read vars_file 'group_vars/all'

TASK [Gathering Facts] *********************************************************
 Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py
 <10.186.xx.xx> ESTABLISH SSH CONNECTION FOR USER: jenkins
 <10.186.xx.xx> SSH: EXEC ssh -vvv -E /app/list/ansible/Ansible/key/log -o GSSAPIAuthentication=yes -o UserKnownHostsFile=/app/list/ansible/Ansible/configuration/known_hosts_LR023MID -o User=jenkins -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=jenkins -o ConnectTimeout=10 10.186.xx.xx '/bin/sh -c '"'"'/usr/bin/python && sleep 0'"'"''
 fatal: [ANS_IAOXAS01]: UNREACHABLE! =>

{ "changed": false, "unreachable": true }

MSG:

SSH Error: data could not be sent to remote host "10.186.xx.xx". Make sure this host can be reached over ssh

PLAY RECAP *********************************************************************
 ANS_IAOXAS01 : ok=0 changed=0 unreachable=1 failed=0

{color:#de350b}*SSH LOGS:*{color}

debug2: we did not send a packet, disable method
 debug3: authmethod_lookup gssapi-keyex
 debug3: remaining preferred: hostbased,publickey
 debug3: authmethod_is_enabled gssapi-keyex
 debug1: Next authentication method: gssapi-keyex
 debug1: No valid Key exchange context
 debug2: we did not send a packet, disable method
 debug3: authmethod_lookup publickey
 debug3: remaining preferred: ,publickey
 debug3: authmethod_is_enabled publickey
 debug1: Next authentication method: publickey
 debug1: Trying private key: /app/list/jenkins/workspace/VFI_SILO1_ETAT_TEST@tmp/private_key_5247074270144721685.key
 debug3: sign_and_send_pubkey: RSA SHA256:Rq+xWY9mwHUiwxVI63nFd1slCcSZ82+lABDE8GeLOMI
 debug3: send packet: type 50
 debug2: we sent a publickey packet, wait for reply
 debug3: receive packet: type 51
 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
 debug1: Offering public key: RSA SHA256:foFkT1HgRoCQr1nsrsDix7MixqmER/sJ2ZU42hvO+1M /etc/ssh/identity/dcexploit
 debug3: send_pubkey_test
 debug3: send packet: type 50
 debug2: we sent a publickey packet, wait for reply
 debug3: receive packet: type 51
 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
 debug1: Offering public key: RSA-CERT SHA256:foFkT1HgRoCQr1nsrsDix7MixqmER/sJ2ZU42hvO+1M /etc/ssh/identity/dcexploit
 debug3: send_pubkey_test
 debug3: send packet: type 50

       

            Unassigned Unassigned
            ghost_78 ghost ghost
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: