Jenkins - Unable to git clone from slave node. SSH keys

nonshatter picture nonshatter · Apr 17, 2012 · Viewed 27.5k times · Source

I have just set up my first Jenkins slave. I run the build, and I hit problems with the SSH keys. The master Jenkins server is running under the user 'jenkins'. I have set up the SSH keys such that I can SSH from the master to the slave without a password.

e.g. From the master:

jenkins@master:~$ ssh slave
Last login: Tue Apr 17 10:30:22 2012 from masterjenkins.com
$ whoami
jenkins

So that proves that the slave node is also running under the 'jenkins' user. (I have copied the public ssh key from the jenkins@slave to the remote git server). And I am able to issue the git clone manually from the slave, but when I kick off the build from the master I get these kinds of messages:

    ERROR: Error cloning remote repo 'origin' : Could not clone git@host:abc
hudson.plugins.git.GitException: Could not clone git@host:abc
Caused by: hudson.plugins.git.GitException: Error performing command: git clone --progress -o origin git@host:abc /var/lib/jenkins/workspace/abc_build
Command "git clone --progress -o origin git@host:abc /var/lib/jenkins/workspace/abc_build" returned status code 128: Initialized empty Git repository in /var/lib/jenkins/workspace/abc_build/.git/
Host key verification failed.
fatal: The remote end hung up unexpectedly
Caused by: hudson.plugins.git.GitException: Command "git clone --progress -o origin git@host:abc /var/lib/jenkins/workspace/abc_build" returned status code 128: Initialized empty Git repository in /var/lib/jenkins/workspace/abc_build/.git/
Host key verification failed.
fatal: The remote end hung up unexpectedly
Trying next repository
ERROR: Could not clone repository
FATAL: Could not clone

So it is still hinting that my SSH keys are not set up correctly. Can anyone tell me what keys I need to copy where?

Many thanks, ns

Answer

Andrew T Finnell picture Andrew T Finnell · Apr 17, 2012

Based on the clone URL it appears you are mixing up two different authentication methods. You are trying to SSH into host as the user git not jenkins. Typically when you host your own GIT repositories and clone with git@servername:reponame you use something like gitolite.

Did you set anything up like gitolite?

Try ssh'ing like this instead as the jenkins user.

ssh git@slave 

Then see what that returns. This is an SSH more in line with the git@host:abc you are doing.

If you didnt setup anything else on your server machine, then change your clone url to jenkins@host:pathtorepo

Update

/home/git/.ssh/authorized_keys

Should have an entry like this: (This is all on ONE line)

# gitolite start
command="/home/git/bin/gl-auth-command jenkins",no
-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAt3+od84Gc9NBVrVb3MKjekHcBDwXXONnVYMNVpuRadoz/FPJTkOIxozKVPJDPI670O252giYpF59sOKqAJL0xEVUrhq8cDFuFwQsSAp0ed1kp/GRxx+pwytL58rcVJEHAy2DkD1z5HlNaZyvIxQyfLTnYfuL1Hx6Qe7dal7mXO0= keycomment
# gitolite end

Add repository permissions to jenkins in gitolite: (You may have to clone on the same machine that is hosting your repositories, as the gitolite user)

git clone git@host:gitolite-admin 
cd gitolite-admin
cd conf
vi gitolite.conf

Now find the entry for 'abc' or add one if it doesn't exist

repo    abc
  RW+            = jenkins

Now commit and push changes

git commit -a -m "Adding user jenkins to repo abc"
git push

Now do your ssh git@host again to see if gitolite tells you about your new permissions.