Creating SSH keys for Gerrit and Hudson

Josh Smith picture Josh Smith · Sep 14, 2010 · Viewed 18.5k times · Source

I'm trying to use the Hudson Gerrit Trigger plug-in.

For whatever reason, Gerrit is not accepting the SSH key located at /var/lib/hudson/.ssh/id_rsa.

In the GUI I get Connection error : com.jcraft.jsch.JSchException: Auth fail as an error, and when I'm working in the terminal I get a Permission denied (publickey) error.

How can I generate and use a working private key so Hudson and Gerrit can play nice?

Answer

VonC picture VonC · Sep 14, 2010

The OP Josh Smith managed to sort it out:

I'd actually needed to add the SSH key from /var/lib/hudson/.ssh/id_rsa.pub for the user (me) into the Gerrit GUI.
Then from there it worked like a charm.
The username must be the username in Gerrit (the admin account).

My original advice is below:


What is the user which will use the web based code review system Gerrit?

That user needs your /var/lib/hudson/.ssh/id_rsa.pub public ssh key in its $HOME/.ssh/authorized_keys, as illustrated in this guide.

alt text

Key Distribution

The public portion of the RSA key pair must be copied to any servers that will be accessed by the client. The public key information to be copied should be located in the ~/.ssh/id_rsa.pub file on the client.
Assuming that all of the servers use OpenSSH instead of a different SSH implementation, the public key data must be appended into the ~/.ssh/authorized_keys file on the servers.

# first, upload public key from client to server
client$ scp ~/.ssh/id_rsa.pub server.example.org:

# next, setup the public key on server
server$ mkdir ~/.ssh
server$ chmod 700 ~/.ssh
server$ cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
server$ chmod 600 ~/.ssh/authorized_keys
server$ rm ~/id_rsa.pub

Be sure to append new public key data to the authorized_keys file, as multiple public keys may be in use. Each public key entry must be on a different line.