Jenkins with 2FA manage by privacyID3A

[Michał Lewandowski]

Hello,

Did anyone try to establish two-factor authentication on Jenkins?

I connect to privacyID3A few linux machines used by our programmers team. Login by SSH with RSA key and OTP code works very well but they also using Jenkins to push new code releases and Jenkins is not that smart to provide OTP code (there is option only for RSA key).

I wan't to ask if anybody know some workaround, plugin or other solution to still authorize users with 2FA when they login with SSH and let Jenkins communicate without OTP?

Thanks,

Michal

[Cornelius Kölbel]

I think you need to elaborate on your question.

At first I though you are asking about login with 2FA to the jenkins web UI.

But I think I am wrong?

[Michał Lewandowski]

To be more precise access to my tst/dev machine is possible through privacyID3A, but Jenkins that is used by developers is not able to communicate through OTP (communication is establish by RSA key) and new amendments to the code are not sent to the tst/dev machine. I wonder if there is some possibility to enable access for root to tst/dev machine with 2FA and comunication from Jenkins send only with RSA key (without OTP).

Thanks,

Michal 

[Michał Lewandowski]

I found solution for my problem.

Jenkins is authenticate with system account which is define on tst/dev machine so I just add entry in the end of my sshd_config:

Match user jboss

       AuthenticationMethods publickey

Now user is ask only for private key without OTP code.

This solution also works for Zimbra Mail Server.

Thanks,

Michał