[JIRA] [git] (JENKINS-20879) SSH Credentials (private key with passphrase) do not work

Thu, 22 May 2014 06:45:14 -0700

 
Mark Waite edited a comment on Bug JENKINS-20879

tfnico Could you explain further how you configure Jenkins to allow a private key with a passphrase to work with the git plugin? You said that "Private key in the text field works fine for me, both with and without passphrase", yet when I've added a credential to Jenkins using a private key which requires a passphrase, even if I enter the passphrase, I'm not able to use that private key based credential from the git plugin to checkout a repository whose access is controlled by that private key.

The steps I took in my failed attempt included:

  1. Create a new user named "private" on my Debian Linux 7.5 (Wheezy)
    ( sudo useradd private )
  2. Use ssh-keygen to define a passphrase protected ssh key for that user
    ( sudo su - private; ssh-keygen )
  3. Configure git for the "private" user
    ( git config --global user.name "Private User"; git config --global user.email mwaite@wheezy64b )
  4. Create a git repository in the .ssh directory
    ( cd .ssh; git init; git add .; git commit -m "First checkin" )
  5. Create a bare git repository copy of that .ssh directory
    ( cd ~; git clone --bare .ssh ssh.git )
  6. Configure bare repository as "origin" of .ssh repo
    ( cd ~/.ssh;git remote add origin ../ssh.git;git branch --set-upstream master origin/ )
  7. Allow user "private" to login without password prompt if agent provides key
    ( cd ~/.ssh; cp id_rsa.pub authorized_keys )
  8. Confirm user "private" can login without password prompt
    ( eval $(ssh-agent); ssh-add; ssh wheezy64b ls .ssh )
  9. Add private key from the user "private" to Jenkins as credential, including the passphrase in "Advanced"
  10. Define a job which uses that credential
  11. Confirm that "git ls-remote" fails to connect during job definition
  12. Confirm that the job fails with message that credentials were not correct
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira

--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to