[JIRA] (JENKINS-58100) sshagent doesn't get the private key correctly from credential

[riahi.amine92@gmail.com (JIRA)]

ghost ghost created an issue

Jenkins / JENKINS-58100 sshagent doesn't get the private key correctly from credential Issue Type: Bug Assignee: Unassigned Components: ssh-agent-plugin Created: 2019-06-19 15:28 Priority: Blocker Reporter: ghost ghost when i use physique private key stocked on my server the ssh connection is well done , but when i use sshagent to get the private key form the credential which have the same key (allready verified) the connection is failed. /!\ i'm using sshagent in the groovy pipeline because i need to use differents credentials :  stage {           steps {                              sshagent (credentials: ['f6cd2c20-74c6-48c1-b728-cce2b7c99687']) {                                                  dir("${PLAY_PATH}") {                        ansiblePlaybook(                                                  colorized: true,                                                  installation: 'ansible',                            playbook: 'deploy_dc.yaml',                             hostKeyChecking: false,                              extras: '-vvvv',                                                  extraVars: [   USER: "${USER_ID}", application: "${Application}" ]                                                                                       )                }           }            }        }     ERROR: ssh-agent] Using credentials jenkins [ssh-agent] Looking for ssh-agent implementation... [ssh-agent] Exec ssh-agent (binary ssh-agent on a remote machine) $ ssh-agent SSH_AUTH_SOCK=/tmp/ssh-YIpaWLmGXvTs/agent.96914 SSH_AGENT_PID=96918 Running ssh-add (command line suppressed) Identity added: /app/list/jenkins/workspace/VFI_SILO1_ETAT_TEST@tmp/private_key_5247074270144721685.key (/app/list/jenkins/workspace/VFI_SILO1_ETAT_TEST@tmp/private_key_5247074270144721685.key) [ssh-agent] Started. [Pipeline] { [Pipeline] dir Running in /app/list/ansible/Ansible [Pipeline] { [Pipeline] ansiblePlaybook [AnsibleCAGIP] $ ansible-playbook deploy_dc.yaml -e USER=jenkins -e application=wn --vvvv ansible-playbook 2.4.2.0 config file = /app/list/ansible/Ansible/configuration/ansible_LR023MID.cfg configured module search path = [u'/app/list/home/dcexploit/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Mar 26 2019, 22:13:06) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)] Using /app/list/ansible/AnsibleCAGIP/configuration/ansible_LR023MID.cfg as config file setting up inventory plugins Parsed /app/list/ansible/AnsibleCAGIP/configuration/hosts_LR023MID inventory source with ini plugin Loading callback plugin debug of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/_init_.pyc PLAYBOOK: deploy_dc.yaml ******************************************************* 1 plays in deploy_dc.yaml PLAY [wn.s1n.integration.stop] ************************************************* Read vars_file 'group_vars/all' TASK [Gathering Facts] ********************************************************* Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py <10.186.xx.xx> ESTABLISH SSH CONNECTION FOR USER: jenkins <10.186.xx.xx> SSH: EXEC ssh -vvv -E /app/list/ansible/Ansible/key/log -o GSSAPIAuthentication=yes -o UserKnownHostsFile=/app/list/ansible/Ansible/configuration/known_hosts_LR023MID -o User=jenkins -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=jenkins -o ConnectTimeout=10 10.186.xx.xx '/bin/sh -c '"'"'/usr/bin/python && sleep 0'"'"'' fatal: [ANS_IAOXAS01]: UNREACHABLE! => { "changed": false, "unreachable": true } MSG: SSH Error: data could not be sent to remote host "10.186.xx.xx". Make sure this host can be reached over ssh PLAY RECAP ********************************************************************* ANS_IAOXAS01 : ok=0 changed=0 unreachable=1 failed=0 Add Comment

This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

[riahi.amine92@gmail.com (JIRA)]

ghost ghost stopped work on JENKINS-58100

Change By: ghost ghost Status: In Progress Open

Add Comment

[riahi.amine92@gmail.com (JIRA)]

ghost ghost started work on JENKINS-58100

Change By: ghost ghost Status: Open In Progress

Add Comment

[riahi.amine92@gmail.com (JIRA)]

ghost ghost updated an issue

Jenkins / JENKINS-58100 sshagent doesn't get the private key correctly from credential

Change By: ghost ghost I have a problem to get the private key from my credential correctly.

Loading callback plugin debug of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/__init__.pyc

PLAYBOOK: deploy_dc.yaml ******************************************************* 1 plays in deploy_dc.yaml PLAY [wn.s1n.integration.stop] ************************************************* Read vars_file 'group_vars/all' TASK [Gathering Facts] ********************************************************* Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py <10.186.xx.xx> ESTABLISH SSH CONNECTION FOR USER: jenkins <10.186.xx.xx> SSH: EXEC ssh -vvv -E /app/list/ansible/Ansible/key/log -o GSSAPIAuthentication=yes -o UserKnownHostsFile=/app/list/ansible/Ansible/configuration/known_hosts_LR023MID -o User=jenkins -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=jenkins -o ConnectTimeout=10 10.186.xx.xx '/bin/sh -c '"'"'/usr/bin/python && sleep 0'"'"'' fatal: [ANS_IAOXAS01]: UNREACHABLE! => { "changed": false, "unreachable": true } MSG: SSH Error: data could not be sent to remote host "10.186.xx.xx". Make sure this host can be reached over ssh PLAY RECAP ********************************************************************* ANS_IAOXAS01 : ok=0 changed=0 unreachable=1 failed=0

Add Comment

[riahi.amine92@gmail.com (JIRA)]

ghost ghost updated an issue

Jenkins / JENKINS-58100 sshagent doesn't get the private key correctly from credential Change By: ghost ghost

*Description*: I have a problem to get the private key from my credential correctly.

when i use physique private key stocked on my server the ssh connection is well done , but when i use sshagent to get the private key form the credential which have the same key (allready verified) the connection is failed. /!\ i'm using sshagent in the groovy pipeline because i need to use differents credentials :  stage {           steps {                              sshagent (credentials: ['f6cd2c20-74c6-48c1-b728-cce2b7c99687']) \{                                                  dir("${PLAY_PATH}") {                        ansiblePlaybook(                                                  colorized: true,                                                  installation: 'ansible',                            playbook: 'deploy_dc.yaml',                             hostKeyChecking: false,                              extras: '-vvvv',                                                  extraVars: [   USER: "${USER_ID}", application: "${Application}" ]                                                                                       )                }           }            }        }

{color:#de350b}* ERROR: *{color}

SSH LOGS: debug2: we did not send a packet, disable method debug3: authmethod_lookup gssapi-keyex debug3: remaining preferred: hostbased,publickey debug3: authmethod_is_enabled gssapi-keyex debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug2: we did not send a packet, disable method debug3: authmethod_lookup publickey debug3: remaining preferred: ,publickey debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /app/list/ansible/AnsibleCAGIP/ssh2624063434461069172.key debug3: sign_and_send_pubkey: RSA SHA256:Rq+xWY9mwHUiwxVI63nFd1slCcSZ82+lABDE8GeLOMI debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive debug1: Offering public key: RSA SHA256:foFkT1HgRoCQr1nsrsDix7MixqmER/sJ2ZU42hvO+1M /etc/ssh/identity/dcexploit debug3: send_pubkey_test debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive debug1: Offering public key: RSA-CERT SHA256:foFkT1HgRoCQr1nsrsDix7MixqmER/sJ2ZU42hvO+1M /etc/ssh/identity/dcexploit debug3: send_pubkey_test debug3: send packet: type 50

Add Comment

[riahi.amine92@gmail.com (JIRA)]

ghost ghost updated an issue

Jenkins / JENKINS-58100 sshagent doesn't get the private key correctly from credential Change By: ghost ghost

*Description*: I have a problem to get the private key from my credential correctly. when i use physique private key stocked on my server the ssh connection is well done , but when i use sshagent to get the private key form the credential which have the same key (allready verified) the connection is failed. /!\ i'm using sshagent in the groovy pipeline because i need to use differents credentials :  stage {           steps {                              sshagent (credentials: ['f6cd2c20-74c6-48c1-b728-cce2b7c99687']) \{                                                  dir("${PLAY_PATH}") {                        ansiblePlaybook(                                                  colorized: true,                                                  installation: 'ansible',                            playbook: 'deploy_dc.yaml',                             hostKeyChecking: false,                              extras: '-vvvv',                                                  extraVars: [   USER: "${USER_ID}", application: "${Application}" ]                                                                                       )                }           }            }        }

{color:#de350b}*ERROR:*{color}

debug1: Trying private key: /app/list/ ansible jenkins / AnsibleCAGIP workspace / ssh2624063434461069172 VFI_SILO1_ETAT_TEST@tmp/private_key_5247074270144721685 .key

debug3: sign_and_send_pubkey: RSA SHA256:Rq+xWY9mwHUiwxVI63nFd1slCcSZ82+lABDE8GeLOMI debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive debug1: Offering public key: RSA SHA256:foFkT1HgRoCQr1nsrsDix7MixqmER/sJ2ZU42hvO+1M /etc/ssh/identity/dcexploit debug3: send_pubkey_test debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive debug1: Offering public key: RSA-CERT SHA256:foFkT1HgRoCQr1nsrsDix7MixqmER/sJ2ZU42hvO+1M /etc/ssh/identity/dcexploit debug3: send_pubkey_test debug3: send packet: type 50

Add Comment

[riahi.amine92@gmail.com (JIRA)]

{color:#de350b}* SSH LOGS: *{color}

debug2: we did not send a packet, disable method debug3: authmethod_lookup gssapi-keyex debug3: remaining preferred: hostbased,publickey debug3: authmethod_is_enabled gssapi-keyex debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug2: we did not send a packet, disable method debug3: authmethod_lookup publickey debug3: remaining preferred: ,publickey debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey

debug1: Trying private key: /app/list/jenkins/workspace/VFI_SILO1_ETAT_TEST@tmp/private_key_5247074270144721685.key

debug3: sign_and_send_pubkey: RSA SHA256:Rq+xWY9mwHUiwxVI63nFd1slCcSZ82+lABDE8GeLOMI debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive debug1: Offering public key: RSA SHA256:foFkT1HgRoCQr1nsrsDix7MixqmER/sJ2ZU42hvO+1M /etc/ssh/identity/dcexploit debug3: send_pubkey_test debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive debug1: Offering public key: RSA-CERT SHA256:foFkT1HgRoCQr1nsrsDix7MixqmER/sJ2ZU42hvO+1M /etc/ssh/identity/dcexploit debug3: send_pubkey_test debug3: send packet: type 50

Add Comment

[riahi.amine92@gmail.com (JIRA)]

ghost ghost commented on JENKINS-58100

Re: sshagent doesn't get the private key correctly from credential ih anyone have any idea about my problem ?

Add Comment

[riahi.amine92@gmail.com (JIRA)]

ghost ghost updated an issue

Jenkins / JENKINS-58100

sshagent doesn't get the private key correctly from credential

Change By: ghost ghost *Description*: I have a problem to get use the private key from my credential correctly to establish ssh connection on my remote server .

{color:#de350b}*SSH LOGS:*{color}

Add Comment

[vrnsky@protonmail.ch (JIRA)]

Egor Voronyansky updated an issue

Jenkins / JENKINS-58100 sshagent doesn't get the private key correctly from credential

Change By: Egor Voronyansky *Description*: I have a problem to use the private key from my credential to establish ssh connection on my remote server.

when i use physique private key stocked on my server the ssh connection is well done , but when i use sshagent to get the private key form the credential which have the same key (allready verified) the connection is failed. /!\ i'm using sshagent in the groovy pipeline because i need to use differents credentials :

{code}

{code}

Add Comment