Unable to Connect to Jenkins Server (Amazon Linux AMI) - linux

When I had installed Jenkins on Amazon Linux AMI following steps mentioned in http://bhargavamin.com/how-to-do/install-jenkins-on-amazon-linux-aws/
After installation I was able to open Jenkins through browser but when I selected option "Install Plugins" it showed error as "Unable to connect to Jenkins Server."
So then how to troubleshoot this issue??

The problem here is pretty simple, if you do curl http://127.0.0.1:8080 on your host machine, you should get a message stating:
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Administer
-->
This means that jenkins has anonymous priviledges which is not allowing any connection.
To solve this issue, you will have to do two changes:
Add Jenkins user to root group: sudo usermod -a -G root jenkins
Make Jenkins listen to all external IPs by editing file /etc/sysconfig/jenkins and changing the JENKINS_LISTEN_ADDRESS="0.0.0.0"
Once this is done, restart the jenkins server and then try to install plugins for jenkins.

I'm using this trick https://issues.jenkins-ci.org/browse/JENKINS-45388 and it works. What I did is add passwd: as prefix of file /var/lib/jenkins/secrets/initialAdminPassword and click retry button for several times and finally it works.

Updating java-1.7.0-openjdk to java-1.8.0-openjdk will do the trick and restart the jenkins service or else change the port number and try it.

I got the same error on my ubuntu VPC, here is how I solve Unable to connect to Jenkins issue.
In my VPC Nginx is installed. Nginx is listening on port 80 so you need to open the firewall to that port as well.
To open the firewall use the following command:
sudo ufw allow 80.
And run this command sudo ufw status to verify the firewall is opened for port 80
After that, you can get the default web page for Nginx by using your_public_ip:80 and Jenkins by entering your_public_ip:8080.

1.Click on retry
2.Fill admin user name, pwd ,mail, full name
3.If filled already use pwd given in initialAdminPassword folder
4.proceed

Related

Git clone gives "ssh: connect to host github.com port 22: Connection timed out" Linux /opt directory Amazon EC2 Instance

Issue
I am trying to use git in /opt/jamf2snipe directory on an EC2 Instance. I have tried the following command:
sudo git clone git#github.com:MYUSERNAME/jamf2snipe-school.git
It says connection timed out:
Cloning into 'jamf2snipe-school'...
ssh: connect to host github.com port 22: Connection timed out
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
If I try to run this in my home directory it works fine. It seems to be a permission issue with /opt. I am wary of changing permissions for /opt.
Setup
I am trying to do this on an Amazon EC2 Instance. Currently SSH is limited to certain IP addresses (not including Github). I followed this article from github to use SSH over HTTPS. I tested to make sure I had stuff setup correctly by using:
$ ssh -T git#github.com
received
Hi USERNAME! You've successfully authenticated, but GitHub does not provide shell access.
I did this in /opt/jamf2snipe and the home directory successfully.
First, make sure to, if possible, not use sudo.
In addition of executing commands as root (which is dangerous), it uses its own environment variable, and SSH settings (in /root/.ssh), which differs from your normal EC2 user.
Conversely, making a repository in /opt, which might be accessible only by root, is not the best spot to clone a repository.
Second, Using SSH over the HTTPS port is the usual solution (like this one from 2018) on EC2, where the firewall can block by default SSH egress traffic.

jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection Message [Auth fail]

I am learning to use Jenkins to deploy a .Net 5.0 application on an AWS EC2 server. This is the first time I am using Linux server and Jenkins for .Net (I'm am a life long Windows guy), and I am facing an error while trying to publish my artifacts over SSH to Web Server.
My setup:
Jenkins server is an AWS EC2 Linux AMI server.
Web Server is also an AWS EC2 LInux AMI server.
My Jenkins is correctly installed and working. I am able to build and run unit test cases without any issues.
For Deploy, I am using 'Publish Over SSH' plugin, and I have followed all steps to configure this plugin as mentioned here https://plugins.jenkins.io/publish-over-ssh/.
However, when try to 'Test Configuration', I get the below error,
Failed to connect or change directory
jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [WebServer]. Message [Auth fail]]
I did a ping test from Jenkins server to Web Server, and it is a success.
I'm using the .pem key in the 'Key' section of 'Publish over SSH'. This key is the same key I use to SSH into the web server.
The below link suggests many different solutions, but none is working in my case.
Jenkins Publish over ssh authentification failed with private key
I was looking at the below link which describes the same problem,
Jenkins publish over SSH failed to change to remote directory
However in my case I have kept 'Remote Directory' as empty. I don't know if I have to specify any directory here. Anyways, I tried creating a new directory under the home directory of user ec2-user as '/home/ec2-user/publish' and then used this path as Remote Directory, but it still didn't work.
Screenshot of my settings in Jenkins:
I would appreciate if anyone can point me to the right direction or highlight any mistake I'm doing with my configuration.
In my case following steps solved the problem.
Solution is based on Ubuntu 22.04
add two line in /etc/ssh/sshd_config
PubkeyAuthentication yes
PubkeyAcceptedKeyTypes +ssh-rsa
restart sshd service
sudo service sshd restart
you might consider the following:
a. From the screenshot you’ve provided, it seems that you have checked the Use password authentication, or use different key option which will require you to add your key and password (inputs from these fields will be used in connecting to your server via SSH connection). If you use the same SSH key and passphrase/password on all of your servers, you can uncheck/untick that box and just use the config you have specified above.
b. You might also check if port 22 of your web server allows inbound traffic from the security group where your Jenkins server/EC2 instance is running. See reference here.
c. Also, make sure that the remote directory you have specified is existing otherwise the connection may fail.
Here's the sample config

ec2 instance access failed due to change in owner

When I login to the server, but 22 is already open for all upcoming connections still getting error as below,
ssh Server_Name
ssh: connect to host Server-IP port 22: Connection refused
I misleadingly change the the owner of the system and change root privileges with jenkins. So, right now I could not able to log into the system and port 22 is closed it's throwing the error.
I understood the error issue occurred because of wrong fstab file and wrong editing to sshd conf(Not sure). And, the directory of authorized_keys been messed up. I tried this solution but not working
I tried accessing via public DNS, via private IP address, detaching and re-attaching volumes driver after attaching it to other instance(but, once I attached to it, I could not able to ssh into that instance), etc. but no luck. Also, tried login with Jenkins user still not working. But, jenkins is still running fine on the server and I could access the Jenkins Dashboard and run the shell onto my instance. But, if I try any sudo command, it shows sudo: effective uid is not 0, is sudo installed setuid root?
Build step 'Execute shell' marked build as failure
Questions
Is there any way to get back my instance port 22 running fine as before ?
Is there a way I can run the sudo commands using Jenkins user by creating the job(By running the shell) inside Jenkins ?
I could trace on the IP which clearly shows port 22 is closed and I could not do anything because of it. Thanks in advance.

Cannot contact any KDC in Kerberos?

I'm quite new to Linux but have to get through it for an assignment. I have to send jobs to a Hadoop cluster. I'm sending these jobs inside a Docker container. To access the cluster i have to use the following command: kinit <username>#CUA.SURFSARA.NL . Now of course I've substituted for my actual username. This command works fine inside the Docker container. But to access a resource manager I have to start Firefox from a Kerberos authenticated terminal, this is where I'm running into trouble.
The same command in a fresh terminal results in the following:
kinit: Cannot contact any KDC for realm 'CUA.SURFSARA.NL' while getting initial credentials
Currently I'm suspecting this is caused by missing Kerberos packages.
The command that was giving in the instructions to get these is this:
sudo dnf install krb5-workstation krb5-libs krb5-auth-dialog
However, dnf doesn't work (Ubuntu instead of Fedora?) so I tried apt-get.
But doing that it is unable to locate the krb5-workstation and krb5-libs packages.
How can I get these missing packages? And will this solve the contacting KDC problem?
Please make sure your /etc/hosts file is same as before when you installed KDC.
Once I installed kdc in my lxc but after a day I couldn't start kdc for this type of error that you have got. And make sure that your Kerberos server and client are pingable(ping IP) to each other.
This is super old, but I wanted to say that you'll likely need to stop and start the service once you've edited your /etc/hosts file. At least that was the fix for me.
systemctl stop krb5kdc.service
systemctl start krb5kdc.service
Then do "kinit" again or "kinit -k", then klist. You should now see a ticket.

Jenkins Error 128 / Git Error 403: Jenkins can't connect to my Bitbucket repository

OS: Ubuntu 16.04
Hypervisor: VirtualBox
Network configuration: Nat Network with port forwarding to access the vms through the host ip. I can also ping a VM from another VM.
I try to connect my Jenkins app hosted on a VM to my BitBucket server also on a VM. I followed a tutorial on internet but when i enter the address of my git repository i'm getting this:
Failed to connect to repository : Command "usr/bin/git ls-remote -h http://admin#192.168.6.102:8005/scm/tes/repository-test.git HEAD" returned status code 128:
stdout:
stderr: fatal: unable to access 'http://admin#192.168.6.102:8005/scm/tes/repository-test.git/': The requested URL returned error: 403
So, to be sure I tried to exectute the command on the terminal... and on the terminal it seems to work.. I can also push, clone, pull etc..
On this image you can see that it's true
Do you have an explanation?
EDIT:
I try some others things like use or not sudo to see if the permissions problem came from that and it seems that it's not the case.
But I see that there is no result when we use the "HEAD" argument.
Do you think that because "HEAD" give no result, git in jenkins interprets it like no answer and returns the damn** error 403?
EDIT 2:
I found that on the web: http: // jenkins-ci.361315.n4.nabble.com/Jenkins-GIT-ls-remote-error-td4646903.html
The guy has the same problem but in a different way, I will try to allocate more RAM to see if it does the trick.
There could be many possible problems, but you are getting 403 - Access Forbidden, which indicates some problem with permissions. I would suggest first common mistakes:
a) trying https instead http - my scm only uses https,
b) check if admin is correct - scm by default uses scmadmin.
Here I run the exact same command twice.
The first time I used the proxy configuration wich I need to access internet, and the second time I set the mandatory server on "none".
So there is a problem with the damn proxy.
I was thinking that the proxy was not used in NAT connection with VirtualBox...
I found the solution.
I had to reinstall jenkins to have a user named "jenkins" with his own home directory.
I don't know if it is linked or not, but I configured my bitbucket server to use only HTTPS with a self signed certificate (I work in lan)
My troubleshoot was linked with my proxy settings.
I disabled all my proxy settings in Linux so I was able to launch the command that did'nt worked in jenkins with terminal.
I logged with sudo su jenkins the commands also worked.
I found out that in the home directory of the jenkins user there was a "proxy.xml" file. I opened it and saw my old proxy settings.
I deleted all the content with vim, saved and restarted and the error was gone.
there can be git version miss match.....
I would suggest you update git once. maybe it will resolve your issues.

Resources