I'm trying to add a build step in jenkins to copy files from my build server to my web application server. I've got the following command working in the command prompt
sudo scp -r /var/lib/jenkins/workspace/demoproj/publish root#0.0.0.0:/usr/temp
but when I run this command, it prompts me for a password every time. I found out about sshpass, but when I run this command...
sudo sshpass -p "passwordhere" scp -r /var/lib/jenkins/workspace/demoproj/pub root#0.0.0.0:/usr/temp
the terminal gets stuck. And never makes it through.
My main problem is if I add the first command to a build step in jenkins, it won't be able to pass the password over. How can I either supply the password in jenkins, or modify the command to pass over my credentials?
Helpful information: I'm using Putty on Windows 10 to connect to my
Ubuntu 16.04.3 LTS x64 servers from another Ubuntu 16.04.3 server.
First, sshpass needs to be installed on both the systems that is, the one running your jenkins instance as well as the one you are trying to access that is: root#0.0.0.0. You can verify it by doing 'which sshpass' or 'whereis sshpass'. If its not installed even in one of them then you need to install it first.
Also, Have you ever tried doing a ssh to the said machine: root#0.0.0.0 from the system where you have your jenkins instance? If not then there might not be an entry in the 'known-hosts' of either system. for that you can do ssh with '-o StrictHostKeyChecking=no' option to make an automatic entry in known-hosts.
Alternatively, if you dont want to enter password again and again you should work with 'keys'. Generate a unique key for both the systems and do an scp or ssh with -i option.
You should use jenkins credentials instead of using sensitive passwords directly into the scripts. Put the whole scp or ssh part inside a block which looks like: withCredentials(){}.
What's the point of having CI if you are required to be nearby to enter password every time? Install "publish over ssh" plugin, it has a step to send stuff over ssh.
https://wiki.jenkins.io/display/JENKINS/Publish+Over+SSH+Plugin
Look at "Use SSH during a build" section, you can use "send files or execute commands over SSH" build step. This shall become available after plugin installation.
Related
Am looking for the best & proper method to execute script on remote via Jenkins job.
What is better:
Write the commands directly on the Jenkins "Exec command" label on the "Send files or execute commands over SSH" tab.
Just copy a bash file to the remote and execute it through Jenkins "Exec Com.." label command.
The reason I'm asking this question is because I am struggling with the second approach (i.e. execute local file which located on the remote...) and thinking maybe that not the best practice.
In addition, should I execute the script using sudo (because running as sudo causes me gitlab issues when try to clone..).
And when I am execute the the script he ask for password.
So far added permissions to /etc/sudoers not do the job but I'm thinking maybe that's a tab/lines issue...possible ?
Any suggestions ?
I personally would go for SSH protocol approach (Simple, secure and reliable). Moreover, there are some plugins already made for those use cases you've mentioned.
1. SSH plugin
You can use the SSH Plugin to run shell commands on a remote machine
via ssh.
So this plugin would fit into your first option of executing script or commands on remote via SSH.
2. Publish Over SSH Plugin
The goal of the Publish Over plugins is to provide a consistent set of
features and behaviors when sending build artifacts ... somewhere.
The Publish over SSH plugin will allow you copy files to a remote server and execute arbitrary commands on the remote server. So this fits into your second approach where you want to first copy script and then execute.
Really you can use any of those plugins (Both use SSH so it's more secure). The question is what suits you the most. Choose wisely :)
I'm have some bash script (myscript.sh), one of logical steps is to run ssh command against Windows machine running open-ssh.
When I'm running the script (myscript.sh) from the shell everything works fine.
But when I am running same script from Jenkins (CentOS 7.3) it fails to retrieve content via ssh command: ssh root#windows-server hostname.
Please need your help.
The user running the jenkins process do probably not have the correct executable rights or group membership to do so.
Try
sudo -u "jenkinsuser" myscript.sh
If that fails you confirmed the issue.
Change the execute rights on your script or put the server process owner in the right group if this is the case.
I want to upload a file which can auto run and reboot on a linux system.
Or atleast do some changes on the system.
Please provide some help.
Use scp to copy the script to the device.
scp myscript user#server:/tmp/myscript
Then run with ssh.
ssh user#server 'sh /tmp/myscript'
Or if you don't want to enter the password, you can use certificate based authentication.
If you want it to periodically run automatically, configure the Linux system to run it as a cron job
I am using SSH to login to an ubuntu server. However, I am not able to use commands such as tab auto-complete, or using arrow keys to view previous history. I have installed rlwrap on the remote machine and on my local directory. I was wondering if there was any way to use rlwrap to allow me to use these shortcuts on the server (or something else). The server is running Ubuntu Server edition 10.0.4.
Check your shell on the remote server, change it to /bin/bash if it is not
chsh /bin/bash
I have some difficulty understanding your question (e.g. what commands are you running on the remote server? What is your local directory and how does one install rlwrap on it?. Does the input history of your login shell work properly?)
In general:
When an interactive command doesn't have a usable (by way of the arrow keys) input history, type rlwrap in front of the command name. E.g.: rlwrap sqlplus instead of just sqlplus
If you cannot use your arrow keys at all, even in your login shell, something is wrong with your installation. In that case you'll have to ask the remote machine's system administrator to help you. You could run rlwrap ssh remote.host from a shell prompt on your local machine as a stop-gap measure
I want to run a script on remote server using SSH.
I have write all the code which runs properly using system command.
To run my code on remote server I need some packages which I need to install on remote server.
To do so I need login into remote terminal as a ROOT user. When I try to do using Ruby script so I get something like following
[not_root_user#remote_server]$ su
Password:
I need some command using which I can able to login into the remote server something like following
[not_root_user#remote_server]$ su -p ******
[root#remote_server]#
Is there any linux command which accepts the password in it?
So you want your script to act as root?
It's not really recommended, but you can use expect: http://en.wikipedia.org/wiki/Expect
The wiki there has a walkthrough for a basic automated telnet session that you could adapt to your needs.
However, you're going to have your root password in plain text, which could be a security issue. If you go that route, I'd definitely obliterate all copies of that script from the universe once this package is installed.
But if you're allowing direct root logins, you've already got a bit of a security problem. Sudo works out-of-the-box on every modern linux distro I've used, I'd stick with that, if possible.
Another option which is equally tasteless would be to set up root-to-root login without a password via ssh.
Sudo would be my first option to getting around this. Although not the best option.
You can also use Key authentication with SSH, and if password authentication is turned off there is no need to enter a password.