Authentication failed - linux

i got this error after setting a slave node, somebody please help~
i can ssh on the slave node without problem, it only happens on jenkins.
[11/20/14 21:01:30] [SSH] Opening SSH connection to 10.105.5.34:22.
[11/20/14 21:01:30] [SSH] Authentication failed.
hudson.AbortException: Authentication failed.
at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1178)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:701)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:696)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:724)
[11/20/14 21:01:30] Launch failed - cleaning up connection
[11/20/14 21:01:30] [SSH] Connection closed.
jenkins version is the latest 1.59, ssh plugin also is the latest

Try to ssh to the host using this command:
ssh -v -i ~/.ssh/id_rsa remoteuser#server
where the id_rsa (or dsa) is your key. Test it well because that's probably where your problem is. On the server look at the auth.log. You should be able to see errors in case of:
home permissions/ownership are not OK
.ssh permissions/ownership are not OK
keys permissions/ownership are not OK
Key based authentication is very strict towards permissions of the keys, home and the .ssh folder. Especially if strict mode is turned on in the sshd_config of the SSH server. You should have something like that set:
chmod go-w ~/
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Related

Auth Fail Issue while creating a site

I am getting the following error while creating a site on my local
org.craftercms.deployer.api.exceptions.DeployerException: Failed to clone Git remote repository ssh://crafter#sampleserver.com:63022/opt/crafter/data/repos/sites/sample-site/published into /Users/parasjain/local-delivery/data/repos/sites/sample-site; nested exception is org.eclipse.jgit.api.errors.TransportException: ssh://crafter#sampleserver.com:63022/opt/crafter/data/repos/sites/sample-site/published: Auth fail
at org.craftercms.deployer.impl.processors.GitPullProcessor.cloneRemoteRepository(GitPullProcessor.java:150)
at org.craftercms.deployer.impl.processors.GitPullProcessor.doClone(GitPullProcessor.java:121)
at org.craftercms.deployer.impl.processors.GitPullProcessor.doExecute(GitPullProcessor.java:72)
at org.craftercms.deployer.impl.processors.AbstractMainDeploymentProcessor.execute(AbstractMainDeploymentProcessor.java:70)
at org.craftercms.deployer.impl.DeploymentPipelineImpl.executeProcessors(DeploymentPipelineImpl.java:76)
at org.craftercms.deployer.impl.DeploymentPipelineImpl.execute(DeploymentPipelineImpl.java:68)
at org.craftercms.deployer.impl.TargetImpl$DeploymentTask.run(TargetImpl.java:242)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
This is the command I am using
./init-site.sh -k /Users/parasjain/myprivatekey.key sample-site
ssh://crafter#sampleserver.com:63022/opt/crafter/data/repos/sites/sample-site/published
However with the same key and user name git clone works just fine
ssh-add /Users/parasjain/myprivatekey.key
git clone ssh://crafter#sampleserver.com:63022/opt/crafter/data/repos/sites/sample-site/published
This kind of error most commonly occurs when OpenSSH keys are used. Currently, CrafterCMS does not support OpenSSH keys. Please use RSA keys instead.
You can find documentation for troubleshooting here

How to configure slave node in jenkins with SSH-agent

I was configuring a slave node in Jenkins with SSH Agent but I get the follow error:
[10/31/17 15:23:37] [SSH] Checking java version of java
[10/31/17 15:23:37] [SSH] java -version returned 1.8.0_151.
[10/31/17 15:23:37] [SSH] Starting sftp client.
[10/31/17 15:23:37] [SSH] Remote file system root /var/jenkins does not exist. W
ill try to create it... java.io.IOException: Could not copy slave.jar into /var/
jenkins on slave at hudson.plugins.sshslaves.SSHLauncher.copySlaveJar(SSHLaunche
r.java:1152) at hudson.plugins.sshslaves.SSHLauncher.access$400(SSHLauncher.java
:145) at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:816) at hu
dson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:793) at java.util.con
current.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolEx
ecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoo
lExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread
.java:748) Caused by: java.io.IOException: Failed to mkdir /var/jenkins at hudso
n.plugins.sshslaves.SFTPClient.mkdirs(SFTPClient.java:83) at hudson.plugins.sshs
laves.SSHLauncher.copySlaveJar(SSHLauncher.java:1120) ... 7 more Caused by: com.
trilead.ssh2.SFTPException: Permission denied (SSH_FX_PERMISSION_DENIED: The use
r does not have sufficient permissions to perform the operation.) at com.trilead
.ssh2.SFTPv3Client.expectStatusOKMessage(SFTPv3Client.java:555) at com.trilead.s
sh2.SFTPv3Client.mkdir(SFTPv3Client.java:955) at hudson.plugins.sshslaves.SFTPCl
ient.mkdirs(SFTPClient.java:81) ... 8 more
[10/31/17 15:23:37] Launch failed - cleaning up connection
[10/31/17 15:23:37] [SSH] Connection closed.
How do I configure slave node in jenkins with SSH-agent?
In the slave configuration on the Jenkins Master, adjust the remote root to a existing directory (or a sub-directory of one that the Jenkins user is allowed to write into), or create /var/jenkins on the slave machine and allow the Jenkins user to write there.
In according to error message:
Caused by: com.
trilead.ssh2.SFTPException: Permission denied (SSH_FX_PERMISSION_DENIED: The use
r does not have sufficient permissions to perform the operation.)
make sure that jenkins user on your slave-node has permissions to create directory /var/jenkins.
log in to your slave, Then run: mkdir /var/jenkins
Then change dir owner to jenkins: chown jenkins /var/jenkins
Re-launch slave agent from master.

Enabling non root user to run tomcat with port 443

I am trying to run tomcat with https as a non-root user. Configured server.xml with required port modification and added SSL configuration.
However when I execute sudo systemctl restart tomcat get following error in catalina.out
org.apache.coyote.AbstractProtocol.init Failed to initialize end point associated with ProtocolHandler ["https-jsse-nio-443"]
java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind0(Native Method)
at sun.nio.ch.Net.bind(Net.java:433)
at sun.nio.ch.Net.bind(Net.java:425)
Follow this post
Resolution point number 5 works better
# setcap cap_net_bind_service+ep /path/to/bin/java

Could not copy slave.jar into '/home/jenkins' on slave

My existing jenkins master-slave connection got broken . I tried establishing the connection via scp command.
On master:
scp ~/ .ssh/id_rsa.pub jenkins#<my_slave_machine>:/tmp
On slave :
• ssh-keygen –b 2048 –t rsa
• Press enter for " Enter file in which to save the key (/home/jenkins/.ssh/id_rsa) : "
• Press enter for " Enter passphrase (empty for no passphrase):"
• Press enter for " Enter same passphrase again:"
• cd .ssh/
• touch authorized_keys
• chmod 600 authorized_keys
• cat /tmp/id_rsa.pub >> authorized_keys
After trying to connect from UI, getting the below error.
[12/05/16 07:53:48] [SSH] Opening SSH connection to <my_slave_machine>:22.
[12/05/16 07:53:49] [SSH] Authentication successful.
[12/05/16 07:53:49] [SSH] The remote users environment is:
ENV=/home/dx00926/.kshrc
FACTERLIB=/var/lib/puppet/rel_RHEL6_64_670/lib/facter
FCEDIT=ed
HISTCMD=0
HOME=/home/dx00926
IFS=$' \t\n'
JOBMAX=0
KSH_VERSION=.sh.version
LINENO=1
LOGNAME=dx00926
MAIL=/var/mail/dx00926
MAILCHECK=600
OPTIND=1
PATH=/usr/bin:/bin:/usr/sbin:/sbin:/opt/adnssh/bin
PPID=1455663
PS2='> '
PS3='#? '
PS4='+ '
PWD=/home/dx00926
RANDOM=6009
SECONDS=0.000
SFTP_PERMIT_CHMOD=1
SFTP_PERMIT_CHOWN=1
SFTP_UMASK=''
SHELL=/bin/ksh
SHLVL=1
SSH_CLIENT='148.112.120.212 35609 22'
SSH_CONNECTION='148.112.120.212 35609 10.33.70.153 22'
TMOUT=0
USER=dx00926
[12/05/16 07:53:49] [SSH] Starting sftp client.
[12/05/16 07:53:49] [SSH] Copying latest slave.jar...
hudson.util.IOException2: Could not copy slave.jar into '/home/jenkins' on slave
at hudson.plugins.sshslaves.SSHLauncher.copySlaveJar(SSHLauncher.java:1054)
at hudson.plugins.sshslaves.SSHLauncher.access$300(SSHLauncher.java:137)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:723)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:706)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
Caused by: hudson.util.IOException2: Could not copy slave.jar to '/home/jenkins/slave.jar' on slave
at hudson.plugins.sshslaves.SSHLauncher.copySlaveJar(SSHLauncher.java:1049)
... 7 more
Caused by: com.trilead.ssh2.SFTPException: Permission denied (SSH_FX_PERMISSION_DENIED: The user does not have sufficient permissions to perform the operation.)
at com.trilead.ssh2.SFTPv3Client.openFile(SFTPv3Client.java:1201)
at com.trilead.ssh2.SFTPv3Client.createFile(SFTPv3Client.java:1074)
at com.trilead.ssh2.SFTPv3Client.createFile(SFTPv3Client.java:1055)
at hudson.plugins.sshslaves.SFTPClient.writeToFile(SFTPClient.java:93)
at hudson.plugins.sshslaves.SSHLauncher.copySlaveJar(SSHLauncher.java:1039)
... 7 more
[12/05/16 07:53:49] Launch failed - cleaning up connection
[12/05/16 07:53:49] [SSH] Connection closed.
I have even tried the below posts, but did not get the resolution.
Jenkins Slave Permission Denied while copying slave.jar
https://issues.jenkins-ci.org/browse/JENKINS-26259
https://issues.jenkins-ci.org/browse/JENKINS-22651
Jenkins slave set-up - Both Master and Slave Nodes are Linux machines
ENV=/home/dx00926/.kshrc
...
HOME=/home/dx00926
...
USER=dx00926
...
hudson.util.IOException2: Could not copy slave.jar into '/home/jenkins' on slave
...
Caused by: com.trilead.ssh2.SFTPException: Permission denied (SSH_FX_PERMISSION_DENIED: The user does not have sufficient permissions to perform the operation.)
It looks like you're connecting to this server as a user named "dx00926". The simplest explanation for this error is that this "dx00926" user on the remote system doesn't have permission to create files in the directory /home/jenkins, or there's an existing file named "/home/jenkins/slave.jar" there and this user doesn't have permission to overwrite its contents.
Either modify the permission on the /home/jenkins directory to permit dx00926 to create files there, or connect to the remote system with a user that does have permissions to create files there.
Like if you have a username "jenkins" and home dir is "/home/jenkins"
You have to put this home directory in your node configuration, see "Remote root directory: /home/jenkins"
It resolved my issue.. especially for AWS-ec2 and dont set full permission on home directory, it will affect it.
I was having this error. I removed the existing remote.jar in the remote server and try to recreate the agent. It went well now
https://issues.jenkins.io/browse/JENKINS-67258
"Please note, apparently upgrading SSH Build Agents / SSH Slaves Plugin to version 1.32.0 and beyond helps with resolving this problem."
I was having this error, and I tried the above solutions, but the only way I was able to resolve it was by deleting the node, deleting the /opt/jenkins folder, and recreating the folder and the node. After that it worked fine.
sudo chmod -R 777 /home/jenkins

Jenkins SSH slave fails to create /home/<user>/jenkins

When configuring an ssh slave on Jenkins, which runs on an ec2 instance, I get the following error message when I click on the "Launch Slave Agent".
[08/06/14 18:41:46] [SSH] Opening SSH connection to ec2-xx-xx-xx-xx.eu-west-1.compute.amazonaws.com:22.
[08/06/14 18:41:46] [SSH] Authentication successful.
[08/06/14 18:41:46] [SSH] The remote users environment is:
[08/06/14 18:41:46] [SSH] Starting sftp client.
[08/06/14 18:41:46] [SSH] SFTP failed. Copying via SCP.
[08/06/14 18:41:46] [SSH] Remote file system root /home/<user>/jenkins does not exist. Will try to create it...
Failed to create /home/<user>/jenkins
[08/06/14 18:41:46] [SSH] Copying latest slave.jar...
hudson.util.IOException2: Could not copy slave.jar into '/home/<user>/jenkins' on slave
at hudson.plugins.sshslaves.SSHLauncher.copySlaveJarUsingSCP(SSHLauncher.java:967)
at hudson.plugins.sshslaves.SSHLauncher.copySlaveJar(SSHLauncher.java:926)
at hudson.plugins.sshslaves.SSHLauncher.launch(SSHLauncher.java:596)
at hudson.slaves.SlaveComputer$1.call(SlaveComputer.java:228)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
Caused by: java.io.IOException: Error during SCP transfer.
at com.trilead.ssh2.SCPClient.put(SCPClient.java:523)
at hudson.plugins.sshslaves.SSHLauncher.copySlaveJarUsingSCP(SSHLauncher.java:965)
... 7 more
Caused by: java.io.IOException: Remote scp terminated unexpectedly.
at com.trilead.ssh2.SCPClient.readResponse(SCPClient.java:50)
at com.trilead.ssh2.SCPClient.sendBytes(SCPClient.java:140)
at com.trilead.ssh2.SCPClient.put(SCPClient.java:519)
... 8 more
[08/06/14 18:41:46] [SSH] Connection closed.
Jenkins configuration for this node is as follows :
Please note that I've set JavaPath property because Jenkins "Couldn't figure out the Java version of java" (that's the error message I was getting)
Any idea how I could fix this issue ? Thanks
I have had same issue. After reading the following post talking about new version, realized something wrong on the SSH plugin that i'm using.
So I have visited to Manage plugins --> Installed --> searched 'SSH' (disabled SSH related clients by removing selection)
Basically you need:
Disabled - SSH Slaves plugin (probably comes with Jenkins)
Added SSH plugin (version 2.4).
Which resolved the issue, that i have had and successfully connected after other setups shown in this doc from step 6, JENKINS-SETTING UP MASTER SLAVE ENVIRONMENT. ( slave.jar -jnlpUrl....)
Hope this will help someone in future.
You need to provide a valid path on the ec2 instance to which the user has an access.
I was experiencing the same thing, no environment variables
The remote users environment is:
(empty)
.
.
.
I set the home directory that i was using for a new one for the jenkins user (example: /jenkinsFolder) and enabled the shell for jenkins in /etc/passwd (it was disabled)
then I was able to see environment variables when launching the slave.

Resources