run bash as another user other than go

23 views
Skip to first unread message

Obiageli Adegbite

unread,
Jun 22, 2022, 11:48:31 AM6/22/22
to go-cd
Hello,
I am trying to automate ssh to another server from the go agent but i am unable to generate a key for the go user as i dont know the password how can i run the script as another user or is there a way to generate a key for the go user.

Obiageli Adegbite

unread,
Jun 23, 2022, 10:22:43 AM6/23/22
to go-cd
Hi All,
Resolved this so to access the go user ;
sudo su - go
They do the ssh key gen here to automate ssh using keys

Chad Wilson

unread,
Jun 23, 2022, 11:09:56 AM6/23/22
to go...@googlegroups.com
OK, good you have found a way forward -  but just a note that you shouldn't have to ssh as the go user from the agent to another host just because the agent runs builds as a local go user.

In fact I'd probably discourage things like this, and recommend you decouple what you run on your agents from the agent itself as much as possible. In general, you want your tasks to know as little as possible about the environment they are running in (whether it is GoCD or some other task runner).

With general SSH, you should be able to use any keypair and user identity you like with ssh -i <path_to_private_key_file> my-user@my-other-server, or by having a custom ~/.ssh/config entry corresponding to my-other-server to tell it which key to use. Then the linked public key imported as trusted for my-user@my-other-server. I may be missing something, however to me it seems your question might be a more general question about how to use SSH and do user/key management than about things specific to GoCD.

While GoCD doesn't have any special SSH key support "magic", if this is something that is being run for a specific pipeline's GoCD job/task, after generating a keypair, you could manage the private key as a secret parameter within GoCD and write it temporarily to a file as part of a script task before it does an ssh (along with many other ways to achieve the same thing) to further decouple what you have to do in a task from the configuration of the agent itself.

-Chad


--
You received this message because you are subscribed to the Google Groups "go-cd" group.
To unsubscribe from this group and stop receiving emails from it, send an email to go-cd+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/go-cd/2f8f80a2-6c29-497f-a468-7796175e27d7n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages