Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-64387

SSH private key doesn't work with git plugin on Fedora 20 and Scientific Linux 6

XMLWordPrintable

      Git Credential Manager SSH Username with private key doesn't always work with git plugin

      I have a master/slave configuration.

      Git-Master (Windows 10)
  +--Git-Slave (Ubuntu 18.04)
  +--Git-Slave (OpenSuse 15)
  +--Git-Slave (CentOS 7)
  +--Git-Slave (Fedora 20)
  +--Git-Slave (Scientific Linux 6)

      I have a matrix job configuration with a simple action of cloning a git repository to the local machine using the `git` SCM plugin.

      This job works fine for Ubuntu, OpenSuse and CentOS.

      This job fails for Fedora 20 and Scientific Linux.

      The failure message appears to be

      2020-12-01 16:17:06  > /usr/bin/git fetch --tags --progress ssh://git@git:2222/3rdParty/Dicom.git +refs/heads/*:refs/remotes/origin/* # timeout=10
2020-12-01 16:17:06 ERROR: Error cloning remote repo 'origin'
2020-12-01 16:17:06 hudson.plugins.git.GitException: Command "/usr/bin/git fetch --tags --progress ssh://git@git:2222/3rdParty/Dicom.git +refs/heads/*:refs/remotes/origin/*" returned status code 128:
2020-12-01 16:17:06 stdout: 
2020-12-01 16:17:06 stderr: Permission denied (publickey).
2020-12-01 16:17:06 fatal: Could not read from remote repository.
2020-12-01 16:17:06 
2020-12-01 16:17:06 Please make sure you have the correct access rights
2020-12-01 16:17:06 and the repository exists.

      The SSH public/private files are not located in the individual node's ~/.ssh directory. These credentials are supposed to come from the Jenkins SSH Username with private Key Credential Manager input. But it doesn't work on Fedora 20 or Scientific Linux.

      Google searching has always mentioned making sure the public/private key files are in the ~/.ssh directory, but it appears they aren't using Jenkins for credentials at that point.

      I have tried the following to debug the situation:

      1. Creds ONLY in Jenkins SSH Username with private Key Credential Manager – Fails
      2. Creds in Jenkins SSH Username and in ~/.ssh – Fails
      3. Do not use Jenkins SSH Username with private Key, only use ~/.ssh – Pass

      Obviously, I want to use the Jenkins Credential manager because it scales better. You configure it once on the master and all the slaves use it. However it's not working for fedora20 or SciLin 6.

      Other information that may be important:
      Git versions:

      Ubuntu 2.29.2
      OpenSuse 2.16.4
      CentOS 1.8.3.1
      Fedora 20 1.9.3
      Scientific Linux 2.29.2*

      * I manually compiled a new git for scilin thinking the problem may be due to the version of git that was installed. It didn't make a differrence.

      Jenkins version: 2.249.3

      Error Details

      Fedora 20 Error Details
      2020-12-01 16:17:06 Building remotely on LIN-FEDORA20 (Linux Fedora) in workspace /var/lib/jenkins/remote/workspace/TOOLS-DEBUG/JRR-GIT-Test/label/LIN-FEDORA20
2020-12-01 16:17:06 The recommended git tool is: NONE
2020-12-01 16:17:06 using credential e7237568-c0d2-4d61-973f-0f9cbbb9f16d
2020-12-01 16:17:06 Wiping out workspace first.
2020-12-01 16:17:06 Cloning the remote Git repository
2020-12-01 16:17:06 Cloning repository ssh://git@git:2222/3rdParty/Dicom.git
2020-12-01 16:17:06  > /usr/bin/git init /var/lib/jenkins/remote/workspace/TOOLS-DEBUG/JRR-GIT-Test/label/LIN-FEDORA20 # timeout=10
2020-12-01 16:17:06 Fetching upstream changes from ssh://git@git:2222/3rdParty/Dicom.git
2020-12-01 16:17:06  > /usr/bin/git --version # timeout=10
2020-12-01 16:17:06  > git --version # 'git version 1.9.3'
2020-12-01 16:17:06 using GIT_SSH to set credentials SSH
2020-12-01 16:17:06  > /usr/bin/git fetch --tags --progress ssh://git@git:2222/3rdParty/Dicom.git +refs/heads/*:refs/remotes/origin/* # timeout=10
2020-12-01 16:17:06 ERROR: Error cloning remote repo 'origin'
2020-12-01 16:17:06 hudson.plugins.git.GitException: Command "/usr/bin/git fetch --tags --progress ssh://git@git:2222/3rdParty/Dicom.git +refs/heads/*:refs/remotes/origin/*" returned status code 128:
2020-12-01 16:17:06 stdout: 
2020-12-01 16:17:06 stderr: Permission denied (publickey).
2020-12-01 16:17:06 fatal: Could not read from remote repository.
2020-12-01 16:17:06 
2020-12-01 16:17:06 Please make sure you have the correct access rights
2020-12-01 16:17:06 and the repository exists.
2020-12-01 16:17:06 
2020-12-01 16:17:06 	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2450)
2020-12-01 16:17:06 	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:2051)
2020-12-01 16:17:06 	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$500(CliGitAPIImpl.java:84)
2020-12-01 16:17:06 	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:573)
2020-12-01 16:17:06 	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$2.execute(CliGitAPIImpl.java:802)
2020-12-01 16:17:06 	at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler$GitCommandMasterToSlaveCallable.call(RemoteGitImpl.java:161)
2020-12-01 16:17:06 	at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler$GitCommandMasterToSlaveCallable.call(RemoteGitImpl.java:154)
2020-12-01 16:17:06 	at hudson.remoting.UserRequest.perform(UserRequest.java:211)
2020-12-01 16:17:06 	at hudson.remoting.UserRequest.perform(UserRequest.java:54)
2020-12-01 16:17:06 	at hudson.remoting.Request$2.run(Request.java:375)
2020-12-01 16:17:06 	at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:73)
2020-12-01 16:17:06 	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
2020-12-01 16:17:06 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
2020-12-01 16:17:06 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
2020-12-01 16:17:06 	at java.lang.Thread.run(Thread.java:748)
2020-12-01 16:17:06 	Suppressed: hudson.remoting.Channel$CallSiteStackTrace: Remote call to LIN-FEDORA20
2020-12-01 16:17:06 		at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1800)
2020-12-01 16:17:06 		at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:357)
2020-12-01 16:17:06 		at hudson.remoting.Channel.call(Channel.java:1001)
2020-12-01 16:17:06 		at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler.execute(RemoteGitImpl.java:146)
2020-12-01 16:17:06 		at sun.reflect.GeneratedMethodAccessor1035.invoke(Unknown Source)
2020-12-01 16:17:06 		at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2020-12-01 16:17:06 		at java.lang.reflect.Method.invoke(Method.java:498)
2020-12-01 16:17:06 		at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler.invoke(RemoteGitImpl.java:132)
2020-12-01 16:17:06 		at com.sun.proxy.$Proxy73.execute(Unknown Source)
2020-12-01 16:17:06 		at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1219)
2020-12-01 16:17:06 		at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1297)
2020-12-01 16:17:06 		at hudson.scm.SCM.checkout(SCM.java:505)
2020-12-01 16:17:06 		at hudson.model.AbstractProject.checkout(AbstractProject.java:1206)
2020-12-01 16:17:06 		at hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:574)
2020-12-01 16:17:06 		at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:86)
2020-12-01 16:17:06 		at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:499)
2020-12-01 16:17:06 		at hudson.model.Run.execute(Run.java:1894)
2020-12-01 16:17:06 		at hudson.matrix.MatrixRun.run(MatrixRun.java:153)
2020-12-01 16:17:06 		at hudson.model.ResourceController.execute(ResourceController.java:97)
2020-12-01 16:17:06 		at hudson.model.Executor.run(Executor.java:428)
2020-12-01 16:17:06 ERROR: Error cloning remote repo 'origin'
2020-12-01 16:17:06 Finished: FAILURE


      Scientific Linux Error Details
      2020-12-01 16:17:06 Building remotely on LIN-SCILIN-6 (Linux SciLin) in workspace /var/lib/jenkins/remote/workspace/TOOLS-DEBUG/JRR-GIT-Test/label/LIN-SCILIN-6
2020-12-01 16:17:06 The recommended git tool is: NONE
2020-12-01 16:17:06 using credential e7237568-c0d2-4d61-973f-0f9cbbb9f16d
2020-12-01 16:17:06 Wiping out workspace first.
2020-12-01 16:17:06 Cloning the remote Git repository
2020-12-01 16:17:06 Cloning repository ssh://git@git:2222/3rdParty/Dicom.git
2020-12-01 16:17:06  > /usr/bin/git init /var/lib/jenkins/remote/workspace/TOOLS-DEBUG/JRR-GIT-Test/label/LIN-SCILIN-6 # timeout=10
2020-12-01 16:17:06 Fetching upstream changes from ssh://git@git:2222/3rdParty/Dicom.git
2020-12-01 16:17:06  > /usr/bin/git --version # timeout=10
2020-12-01 16:17:06  > git --version # 'git version 1.7.1'
2020-12-01 16:17:06 using GIT_SSH to set credentials SSH
2020-12-01 16:17:06  > /usr/bin/git fetch --tags --progress ssh://git@git:2222/3rdParty/Dicom.git +refs/heads/*:refs/remotes/origin/* # timeout=10
2020-12-01 16:17:11 ERROR: Error cloning remote repo 'origin'
2020-12-01 16:17:11 hudson.plugins.git.GitException: Command "/usr/bin/git fetch --tags --progress ssh://git@git:2222/3rdParty/Dicom.git +refs/heads/*:refs/remotes/origin/*" returned status code 128:
2020-12-01 16:17:11 stdout: 
2020-12-01 16:17:11 stderr: Permission denied (publickey).
2020-12-01 16:17:11 fatal: The remote end hung up unexpectedly
2020-12-01 16:17:11 
2020-12-01 16:17:11 	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2450)
2020-12-01 16:17:11 	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:2051)
2020-12-01 16:17:11 	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$500(CliGitAPIImpl.java:84)
2020-12-01 16:17:11 	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:573)
2020-12-01 16:17:11 	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$2.execute(CliGitAPIImpl.java:802)
2020-12-01 16:17:11 	at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler$GitCommandMasterToSlaveCallable.call(RemoteGitImpl.java:161)
2020-12-01 16:17:11 	at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler$GitCommandMasterToSlaveCallable.call(RemoteGitImpl.java:154)
2020-12-01 16:17:11 	at hudson.remoting.UserRequest.perform(UserRequest.java:211)
2020-12-01 16:17:11 	at hudson.remoting.UserRequest.perform(UserRequest.java:54)
2020-12-01 16:17:11 	at hudson.remoting.Request$2.run(Request.java:375)
2020-12-01 16:17:11 	at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:73)
2020-12-01 16:17:11 	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
2020-12-01 16:17:11 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
2020-12-01 16:17:11 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
2020-12-01 16:17:11 	at java.lang.Thread.run(Thread.java:748)
2020-12-01 16:17:11 	Suppressed: hudson.remoting.Channel$CallSiteStackTrace: Remote call to LIN-SCILIN-6
2020-12-01 16:17:11 		at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1800)
2020-12-01 16:17:11 		at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:357)
2020-12-01 16:17:11 		at hudson.remoting.Channel.call(Channel.java:1001)
2020-12-01 16:17:11 		at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler.execute(RemoteGitImpl.java:146)
2020-12-01 16:17:11 		at sun.reflect.GeneratedMethodAccessor1035.invoke(Unknown Source)
2020-12-01 16:17:11 		at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2020-12-01 16:17:11 		at java.lang.reflect.Method.invoke(Method.java:498)
2020-12-01 16:17:11 		at org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler.invoke(RemoteGitImpl.java:132)
2020-12-01 16:17:11 		at com.sun.proxy.$Proxy73.execute(Unknown Source)
2020-12-01 16:17:11 		at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1219)
2020-12-01 16:17:11 		at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1297)
2020-12-01 16:17:11 		at hudson.scm.SCM.checkout(SCM.java:505)
2020-12-01 16:17:11 		at hudson.model.AbstractProject.checkout(AbstractProject.java:1206)
2020-12-01 16:17:11 		at hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:574)
2020-12-01 16:17:11 		at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:86)
2020-12-01 16:17:11 		at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:499)
2020-12-01 16:17:11 		at hudson.model.Run.execute(Run.java:1894)
2020-12-01 16:17:11 		at hudson.matrix.MatrixRun.run(MatrixRun.java:153)
2020-12-01 16:17:11 		at hudson.model.ResourceController.execute(ResourceController.java:97)
2020-12-01 16:17:11 		at hudson.model.Executor.run(Executor.java:428)
2020-12-01 16:17:11 ERROR: Error cloning remote repo 'origin'
2020-12-01 16:17:11 Finished: FAILURE

            Unassigned Unassigned
            rocha_stratovan John Rocha
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: