id_rsa" is not a valid key file.

[praveen....@gmail.com]

We are setting up gerrit trigger in jenkins & getting id_rsa" is not a valid key file error

Verified the file permission

drwx------   2 xxxxx xxxxxx 4.0K Oct 11 04:39 .ssh

-rw-------  1  xxxxx xxxxxx 2.6K Oct 11 04:23 id_rsa

[John Patrick]

what about id_rsa.pub

I've got;

-rw-------    1 xxxxxx  xxxxxx   xxxx xxxxxxxxx id_rsa
-rw-r--r--    1 xxxxxx  xxxxxx    xxx xxxxxxxxx id_rsa.pub

have you tried doing ssh without gerrit, to see if ssh or the gerrit config/setup.

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/19066da8-a2e8-4fc3-8edf-9c1a6af594cbn%40googlegroups.com.

[praveenm mulimani]

you mean ssh -p port no and gerrit ?

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CAH9u10mDBM1E0DM2oFpi%2BAPmce-pJHJEjeceBeWWFfaDd7KBOQ%40mail.gmail.com.

--

Praveen M
9986069592

[praveenm mulimani]

public key there is no issue we are able to access authentication is a success.

only issue is jenkns gerrit trigger  --- >>>  id_rsa" is not a valid key file.

On Wed, Oct 11, 2023 at 12:13 PM John Patrick <nhoj.p...@gmail.com> wrote:

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CAH9u10mDBM1E0DM2oFpi%2BAPmce-pJHJEjeceBeWWFfaDd7KBOQ%40mail.gmail.com.

--

Praveen M
9986069592

[Maciej Jaros]

praveen....@gmail.com (2023-10-11 06:40):

> -rw-------  1 xxxxx xxxxxx 2.6K Oct 11 04:23 id_rsa --

That key seems a bit short for RSA, maybe jenkins-gerrit requires longer
one?

Another option I would see is that the client is old and will not be
able to use RSA at all. OpenSSH 8.8 disables RSA using SHA-1 and so you
might need to use ECDSA key. ECDSA might work in clients as far back as
in OpenSSH 5.x and be able to connect event to OpenSSH 9.x based servers.

So you might want to generate a new key (and configure the key with gerrit):
ssh-keygen -t "ecdsa-sha2-nistp521"

Regards,
Maciej Nux.

[Dirk Heinrichs]

Am Donnerstag, dem 12.10.2023 um 10:48 +0200 schrieb 'Maciej Jaros' via Jenkins Users:

Another option I would see is that the client is old and will not be

able to use RSA at all. OpenSSH 8.8 disables RSA using SHA-1 and so you might need to use ECDSA key.

To clarify: OpenSSH 8.8 disables the SHA-1 key signing algorithm. You can, of course, still use RSA keys, given that they have been signed with a more modern signing algorithm (that is: created with a more recent OpenSSH version). However, EC based keys should be preferred, as they are generally shorter (and thus faster).

Bye...

Dirk

-- 

Dirk Heinrichs

Senior Systems Engineer, Delivery Pipeline

OpenText ™ Discovery | Recommind

Phone: +49 2226 15966 18

Email: dhei...@opentext.com

Website: www.recommind.de

Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach

Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan, Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646

This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden

Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht gestattet.

[praveenm mulimani]

Generated new key ssh-keygen -t "ecdsa-sha2-nistp521"

Error:

The connection could not be established! Check your settings and the Gerrit server.

Gerrit Missed Events Playback is not supported. Verify if the connection has the REST API enabled and that the Gerrit Events-log plugin is installed and configured on the Gerrit Server.

Jenkins System logs

Oct 13, 2023 1:36:00 AM SEVERE com.sonymobile.tools.gerrit.gerritevents.GerritConnection connect

Could not connect to Gerrit server! Host: gerrit Port: 29418

Oct 13, 2023 1:36:00 AM SEVERE com.sonymobile.tools.gerrit.gerritevents.GerritConnection connect

 Proxy: 

Oct 13, 2023 1:36:00 AM SEVERE com.sonymobile.tools.gerrit.gerritevents.GerritConnection connect

 User: jenkins.lgsi KeyFile: /home/jenkins/.ssh/id_rsa

Oct 13, 2023 1:36:00 AM SEVERE com.sonymobile.tools.gerrit.gerritevents.GerritConnection connect

IOException: 
com.jcraft.jsch.JSchException: Auth fail
	at com.jcraft.jsch.Session.connect(Session.java:519)
	at com.sonymobile.tools.gerrit.gerritevents.ssh.SshConnectionImpl.connect(SshConnectionImpl.java:196)
Caused: com.sonymobile.tools.gerrit.gerritevents.ssh.SshException
	at com.sonymobile.tools.gerrit.gerritevents.ssh.SshConnectionImpl.connect(SshConnectionImpl.java:200)
	at com.sonymobile.tools.gerrit.gerritevents.ssh.SshConnectionFactory.getConnection(SshConnectionFactory.java:140)
	at com.sonymobile.tools.gerrit.gerritevents.ssh.SshConnectionFactory.getConnection(SshConnectionFactory.java:117)
	at com.sonymobile.tools.gerrit.gerritevents.GerritConnection.connect(GerritConnection.java:498)
	at com.sonymobile.tools.gerrit.gerritevents.GerritConnection.run(GerritConnection.java:404)

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/aac8bd13-13da-e90e-fe7a-9bb83c1e19c7%40mol.com.pl.

--

Praveen M
9986069592