Asked 2/3, 2013 at 11:59 Answered 15/2 at 12:57

211

I have a problem with jenkins, setting "git", shows the following error:

Failed to connect to repository : Command "git ls-remote -h https://[email protected]/person/projectmarket.git HEAD" returned status code 128:
stdout:
stderr: fatal: Authentication failed

I have tested with ssh:

[email protected]:person/projectmarket.git

This is error:

Failed to connect to repository : Command "git ls-remote -h [email protected]:person/projectmarket.git HEAD" returned status code 128:
stdout:
stderr: Host key verification failed.
fatal: The remote end hung up unexpectedly

I've also done these steps with "SSH key".

sudo su jenkins

Copy your github key to Jenkins .ssh folder

cp ~/.ssh/id_rsa_github* /var/lib/jenkins/.ssh/

Rename the keys

mv id_rsa_github id_rsa
mv id_rsa_github.pub id_rsa.pub

but still not working git repository in jenkins.

thanks by help!.

Vile answered 2/3, 2013 at 11:59 Comment(2)

Related: Git error: “Host Key Verification Failed” when connecting to remote repository – Joiejoin 4/9, 2019 at 14:57

no jenkins user existing – Eunuchoidism 3/10, 2019 at 11:35

236

Change to the jenkins user and run the command manually:

git ls-remote -h [email protected]:person/projectmarket.git HEAD

You will get the standard SSH warning when first connecting to a new host via SSH:

The authenticity of host 'bitbucket.org (207.223.240.181)' can't be established.
RSA key fingerprint is 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40.
Are you sure you want to continue connecting (yes/no)?

Type yes and press Enter. The host key for bitbucket.org will now be added to the ~/.ssh/known_hosts file and you won't get this error in Jenkins anymore.

Olney answered 4/3, 2013 at 6:54 Comment(23)

show this: Permission denied (publickey). fatal: The remote end hung up unexpectedly – Sweeper 4/3, 2013 at 8:40

Right, but that's an entirely different error. Now you have to go add your public key to the repository over at bitbucket.org. – Olney 4/3, 2013 at 16:57

See step 6 here: confluence.atlassian.com/display/BITBUCKET/Set+up+SSH+for+Git – Olney 4/3, 2013 at 16:58

Please accept the answer if the error message went away. Judging by your comment, you are no longer getting the 'host key verification failed' error. The error you're now getting is an authentication error. You have to add your public key on your bitbucket.org repository. – Olney 5/3, 2013 at 18:0

I had to do this and restart my Jenkins app server (Glassfish) for this to work. – Isherwood 12/6, 2013 at 22:58

+1 for "worksforme", had the exact same problem. Created id_rsa for the proper user, chmod-ed to jenkins, added the public key, still did not work. Trying git as sudo -u jenkins yielded the knonwn_hosts file, fixing the problem. – Orthogenesis 13/6, 2013 at 14:11

This worked for me for Jenkins.app on OS X, but you don't need to change to the jenkins user. Just run it from your own user account – Fixity 3/2, 2014 at 22:43

You need to run it as the user that is running Jenkins. On most systems, one typically runs it as a separate user (e.g. a 'jenkins' user). Hence, you would need to switch to that user to ensure that the address for bitbucket.org is added to ~/.ssh/known_hosts. – Olney 4/2, 2014 at 2:41

What this line means: Change to the jenkins user and run the command manually: I am window OS user. – Diverting 16/5, 2016 at 8:40

Modifying the known_hosts file to work for bitbucket worked for me when I had the same error using mercurial – Pert 31/5, 2016 at 21:27

@Pert Yes, you can edit it manually, if you know the server's key. The instruction provided updates known_hosts for you. – Olney 1/6, 2016 at 6:37

did you know you can use ssh-keyscan for this? example: ssh-keyscan -t rsa bitbucket.org >> ~/.ssh/known_hosts – Heiress 27/12, 2016 at 9:1

An important addition: this holds true even if you run the job as a 'specific user'! Despite indicating that the job runs as that user, the known hosts from the jenkins user are used to validate outgoing ssh connections. – Tallie 29/6, 2017 at 12:32

what is the jenkins password? – Eunuchoidism 3/10, 2019 at 11:46

I have a similar requirement. If i"m running git ls-remote .. command through a script, how can i enter yes to the standard SSH warning from the script itself. – Mccourt 24/4, 2020 at 8:42

It asks for a password that i don't know, it's not any of the passwords for git users, jenkins users, or anything else. – Emmerie 1/2, 2021 at 17:19

@Emmerie The "git ls-remote" command? Then you haven't set up public key authentication properly. You need to associate the public key of the jenkins user (or whatever account is running Jenkins) with your Bitbucket account. See the Bitbucket docs for details -- I don't use that service, but the same priniciple is true no matter what Git service you're using. – Olney 2/2, 2021 at 15:32

@Olney i ended up solving this by making a ssh key on the jenkins client and putting it into the keystore in the git server side, this solved my password issues. – Emmerie 3/2, 2021 at 9:11

@Emmerie Yep, that's the right approach. Glad you got it working. – Olney 3/2, 2021 at 21:2

I get this error "Failed to add the host to the list of known hosts (/var/lib/jenkins/.ssh/known_hosts)" after typing "yes", any idea what can be the issue? – Esotropia 7/4, 2022 at 14:54

@Esotropia Check the permissions on the file /var/lib/jenkins/.ssh/known_hosts as well as the permissions on the .ssh directory. Make sure the jenkins user has access to write to the file. – Olney 7/4, 2022 at 16:44

I had to go ahead and add a known_hosts file in the /var/lib/jenkins/.ssh folder. This issue was throwing me off because I was not 100% if the configuration command was running on a Node or on my main Jenkins Server. Once I did that (make sure the file is owned by the jenkins user) my Pipeline config worked as expected. – Meister 3/10, 2022 at 23:19

Thank you! If you don't have the server in known_hosts yet, is there a way to add it in the Jenkins web UI? This only seems to happen on newer Jenkins servers, so maybe it auto accepted the host's keys if they were unknown on the previous ones that I had setup. – Lazos 30/11, 2022 at 16:7

Jenkins is a service account, it doesn't have a shell by design. It is generally accepted that service accounts. shouldn't be able to log in interactively.

To resolve "Jenkins Host key verification failed", do the following steps. I have used mercurial with jenkins.

Execute following commands on terminal

$ sudo su -s /bin/bash jenkins

provide password

Generate public private key using the following command:

ssh-keygen

you can see output as ::

Generating public/private rsa key pair. 
Enter file in which to save the key (/var/lib/jenkins/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again:

Press Enter --> Do not give any passphrase--> press enter

Key has been generated

go to --> cat /var/lib/jenkins/.ssh/id_rsa.pub
Copy key from id_rsa.pub
Exit from bash
ssh@yourrepository
vi .ssh/authorized_keys
Paste the key
exit
Manually login to mercurial server

Note: Pls do manually login otherwise jenkins will again give error "host verification failed"

once manually done, Now go to Jenkins and give build

Enjoy!!!

Good Luck

Sowens answered 17/11, 2014 at 13:12 Comment(1)

WHAT password is requested here? – Eunuchoidism 3/10, 2019 at 12:18

Or you can use:

ssh -oStrictHostKeyChecking=no host

This will be insecure (man in the middle attacks) but easiest solution.

The better way to do that is to generate correct mappings between host and ip address, so ssh will not complain:

#!/bin/bash

for domain in "github.com" "bitbucket.org"; do
    sed -i "/$domain/d" ~/.ssh/known_hosts
    line=$(ssh-keyscan $domain,`nslookup $domain | awk '/^Address: / { print $2 ; exit }'`)
    echo $line >> ~/.ssh/known_hosts
done

Excerpt from gist.

note, the above can be also done directly from terminal:

domain=github.com
sed -i "/$domain/d" ~/.ssh/known_hosts
line=$(ssh-keyscan $domain,`nslookup $domain | awk '/^Address: / { print $2 ; exit }'`)
echo $line >> ~/.ssh/known_hosts

Giant answered 2/12, 2015 at 14:17 Comment(3)

This opens you up to potential MITM attacks. – Olney 7/12, 2015 at 0:46

You can add -oStrictHostKeyChecking=no and connect once, which will add the host to the known_hosts file (same as when you ssh on the command line and type yes to add the key to the known_hosts file) and then remove this option after that. – Magniloquent 6/1, 2016 at 17:39

Domain lookups are dicey because the hosts may be running on a cluster. The machine you got a minute ago could be a different box the next minute. – Rhaetian 21/10, 2020 at 9:43

Under Manage Jenkins > Configure Global Security there is:

btw. No Verification is for sure not the best option.

Incommunicable answered 18/8, 2022 at 12:52 Comment(5)

nice. Just for others sake, this setting can be found under 'Manage Jenkins' > 'Configure Global Security' – Icbm 9/9, 2022 at 10:53

This was the only answer that worked with Jenkins installed in Windows Server and Github with private repository. – Bursa 7/12, 2022 at 16:53

I believe that this is the correct way to supply the known-hosts key to Jenkins. It does not require logging into the host via ssh, remains portable (if you move your jenkins instance) and retains visibility from within Jenkins. - I had to make sure when I setup the job that I use "ssh" and not the "https" URI – Brandiebrandise 29/4, 2023 at 1:42

"Configure Global Security" has been renamed Manage Jenkins > "Security" in newer versions. Also, "Accept first connection" is an option in the dropdown that worked for me. – Horror 18/9, 2023 at 20:10

known_hosts file on the server worked until I upgraded Jenkins to 2.426.3 this AM and one of our agents would refuse to connect to bitbucket. Provided bitbucket keys in the Manually Provided Keys option and GitSCM seems to work now – Telium 26/1 at 15:0

Had same problem, i fix it like that :

reset permission on id_rsa* only for current user no group no other

chmod o-rwx ~/.ssh/id*
chmod G-rwx ~/.ssh/id*

ls -lart ~/.ssh/


-rw-------  1 jenkins nogroup  398 avril  3 09:34 id_rsa.pub
-rw-------  1 jenkins nogroup 1675 avril  3 09:34 id_rsa

And clear ~/.ssh/know_hosts

Now Connect as jenkins

sudo su jenkins

Try the jenkins commands

git ls-remote -h [email protected]:user/project.git HEAD

If no problem appears, now jenkins will be able to connect the repo (for me ^^ at least)

Stereophonic answered 3/4, 2014 at 8:6 Comment(1)

The above command(chmod G-rwx ~/.ssh/id*) for changing the group permission failed. The below worked as desired. chmod g-rwx ~/.ssh/id* – Lepanto 15/5, 2014 at 13:38

As for the workaround (e.g. Windows slave), define the following environment variable in global properties:

GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"

Note: If you don't see the option, you probably need EnvInject plugin for it.

Joiejoin answered 4/9, 2019 at 15:16 Comment(0)

Login as jenkins using: sudo su -s /bin/bash jenkins
git clone the desired repo which causes the key error
It will ask you to add the key by showing Yes/No (enter yes or y)

That's it!

You can now re-run the Jenkins job.

Pikeperch answered 28/11, 2018 at 19:14 Comment(1)

No, it just asks for a password, and i tried the jenkins password and the git password and it doesn't accept either. – Emmerie 1/2, 2021 at 17:20

using https://bitbucket.org/YYYY/XX.git

you shoud delete username@

Lemos answered 11/5, 2014 at 5:46 Comment(0)

Make sure we are not editing any of the default sshd_config properties to skip the error
Host Verification Failed - Definitely a missing entry of hostname in known_hosts file
Login to the server where the process is failing and do the following:
1. Sudo to the user running the process
2. ssh-copy-id destinationuser@destinationhostname
3. It will prompt like this for the first time, say yes and it will also ask password for the first time:
```
The authenticity of host 'sample.org (205.214.640.91)' can't be established.
RSA key fingerprint is 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40.
Are you sure you want to continue connecting (yes/no)? *yes*
```
  Password prompt ? give password
4. Now from the server where process is running, do ssh destinationuser@destinationhostname. It should login without a password.
  
  Note: Do not change the default permissions of files in the user's .ssh directory, you will end up with different issues

Extrusion answered 2/10, 2015 at 16:36 Comment(2)

in step 3, it might be the case that, you are prompted with key already exist in the file, but you should continue this 4 steps and if you can login without password from jenkins user, than you are all set. – Cobalt 21/5, 2019 at 10:50

Missing .pub file for jenkins user. – Emmerie 1/2, 2021 at 17:23

Best way you can just use your "git url" in 'https" URL format in the Jenkinsfile or wherever you want.

git url: 'https://github.com/jglick/simple-maven-project-with-tests.git'

Cereal answered 11/5, 2016 at 10:1 Comment(0)

Copy host keys from both bitbucket and github:

ssh root@deployserver 'echo "$(ssh-keyscan -t rsa,dsa bitbucket.org)" >> /root/.ssh/known_hosts'
ssh root@deployserver 'echo "$(ssh-keyscan -t rsa,dsa github.com)" >> /root/.ssh/known_hosts'

Favor answered 28/2, 2018 at 22:57 Comment(0)

I ran into this issue and it turned out the problem was that the jenkins service wasn't being run as the jenkins user. So running the commands as the jenkins user worked just fine.

Expose answered 28/2, 2019 at 18:46 Comment(0)

In Jenkins, you can manage strict host checking behavior in "Global security" parameters

Deify answered 6/4, 2023 at 13:6 Comment(1)

Just be aware that disabling strict host checking makes you vulnerable to Man-In-The-Middle (mitm) attacks – Commonable 17/8, 2023 at 15:53

SSH

If you are trying it with SSH, then the Host key Verification error can come due to several reasons.Follow these steps to overcome all the reasons.

Set the Environment variable as HOME and provide the address as the root directory of .ssh folder. e.g:- If your .ssh is kept inside Name folder. C:/Users/Name.
Now make sure that the public SSH key is being provided in the repository link also. Either it is github or bitbucket or any other.
Open git bash. And try cloning the project from the repository. This will help in adding your repository URL in the known_host file, which is being auto created in the .ssh folder.
Now open jenkins and create a new job. Then click on configure.
provide the cloning URL in Source code management under Git. The URL should be start with [email protected]/......... or ssh://proje........
Under the Credential you need to add the username and password of your repository form which you are cloning the project. Select that credential.
And now apply and save the configuration.
Bingo! Start building the project. I hope now you will not get any Host Key verification error!

Inchmeal answered 2/8, 2017 at 6:29 Comment(0)

There is a safe and (relative easy) way to accomplish this, which should also work if you have separate worker nodes/clouds (like docker/kubernetes).

Maintaining the keys can also be added to the Jenkins configuration as code so you can maintain it in code for easier redeployment.

Adding host keys to Jenkins configuration

First go to a console and execute ssh-keyscan -H your_git_server.url
Copy the output of that command
Then navigate to https://YOUR_JENKINS_URL/manage/configureSecurity/
Scroll down to Git Host Key Verification Configuration
Paste the output of the command into the window. it should look like this:

Both bitbucket and github have pages about their keys and servers. Read them and ensure that you are adding the proper keys and not some random keys

Getting the ssh-keyscan via your Jenkins installation

If you for some reason do not have ssh-keyscan, you can go to the script console ( https://YOUR_JENKINS_URL/manage/script ) and paste in the following script:

def sout = new StringBuilder(), serr = new StringBuilder()
def proc = 'ssh-keyscan -H bitbucket.org'.execute()
proc.consumeProcessOutput(sout, serr)
proc.waitForOrKill(1000)
println "copy this to jenkins>\n$sout"
//println "err> $serr"

Commonable answered 16/1, 2023 at 17:42 Comment(0)

Try

ssh-keygen -R hostname

-R hostname Removes all keys belonging to hostname from a known_hosts file. This option is useful to delete hashed hosts

Stacte answered 2/1, 2017 at 11:55 Comment(0)

Use ssh-keyscan should be much more easier:

ssh-keyscan bitbucket.org >> ~/.ssh/known_hosts

This command will put all required hosts to ~/.ssh/known_hosts. You will need to run this command inside your Jenkins machine. You can also create a job and put that command into the "Execute shell" section of the Configure of that job and then execute the job.

Spacious answered 2/3, 2022 at 8:1 Comment(0)

I had the same problem. I had the ssh key setup in both the server and github. I can run ssh -T [email protected] without problem. When I manually run the following command, I had no problem.

git ls-remote -h [email protected]:jessy-3/vanilla.git HEAD

But when I configure it with Jenkins, I got the problem. It worked when "Host Key Verification Strategy" in "Configure Global Security" set to "No verification" but not on "Known hosts file".

The final solution is to go to cd ~/.ssh then chmod 644 privatekeyfile.

Municipality answered 15/3, 2023 at 19:20 Comment(0)

Secure and easy way to add host keys

The host keys need to be added either to .ssh/known_hosts file or into the Jenkins GUI. The latter is shown in this answer.

Error message from Jenkins 2.426.1:

Failed to connect to repository : Command "git ls-remote -h -- [email protected]:youruser/yourrepository.git HEAD" returned status code 128:
stdout:
stderr: No ED25519 host key is known for bitbucket.org and you have requested strict checking.
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

The main part is:

Host key verification failed.

1. Get the host keys

This can be done on any machine, your local laptop or any server.

For bitbucket.org

ssh-keyscan -H bitbucket.org

# bitbucket.org:22 SSH-2.0-conker_95dc3707a5 3dcc5f8f2ee6
|1|sm0rsQ/wpQFuBXLDjrlpszP5LuE=|639nVsWhoeVMHJ8x+KO8cDLiLfM= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M=
# bitbucket.org:22 SSH-2.0-conker_95dc3707a5 75a947814076
|1|ENd8Gydk8INYO3qW4KdJU5jASUQ=|QMIjWYV2MPuaXELEvUnaF8CkCaU= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE=
# bitbucket.org:22 SSH-2.0-conker_95dc3707a5 9d0e50d22058
|1|Eo6F4Y8yVeZmNYjKSr4KqCcXPpE=|pi+d+jzaqKKbzd6mSXqTzlVi1L0= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO
# bitbucket.org:22 SSH-2.0-conker_95dc3707a5 f7e082ca9b56
# bitbucket.org:22 SSH-2.0-conker_95dc3707a5 1c0352a269fd

...or/also for double checking:

curl https://bitbucket.org/site/ssh

bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M=
bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE=
bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO

Source:

https://support.atlassian.com/bitbucket-cloud/docs/configure-ssh-and-two-step-verification/

For github.com

ssh-keyscan -H github.com

# github.com:22 SSH-2.0-babeld-57ca1323
|1|ZhNq+1evlmqrhCGPbv9JpU+mqJw=|MCWObOm0vqtvDg5dDUlw6uv1s9Y= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=
# github.com:22 SSH-2.0-babeld-57ca1323
|1|jpFa8wZoFNn8eVZWnILCyVRNlBI=|NTF31FUEZxyZO7CxoZCjkxeQ8WU= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=
# github.com:22 SSH-2.0-babeld-57ca1323
|1|ct+VFylgk18jtwsOsl9cH0qAtEM=|eEanGUG2m6YCdEx00XRQvJcyWfI= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
# github.com:22 SSH-2.0-babeld-57ca1323
# github.com:22 SSH-2.0-babeld-57ca1323

2. Paste the keys into the Jenkins GUI

a) go to: YOUR-JENKINS-HOST-URL.com/manage/configureSecurity/

b) scroll down to: Git Host Key Verification Configuration

c) dropdown - choose: Manually provided host keys

d) paste the keys from the first or the second command into the text box.

WARNING! Do NOT copy the keys from this answer - they are NOT to be trusted. ONLY trust host keys from the original source, such as bitbucket.org or github.com

PS. This was done year 2024 on Jenkins 2.426.1 in a Docker container on one server (with a separate Jenkins Agent on Ubuntu server running builds).

Slipper answered 15/2 at 12:57 Comment(0)

issue is with the /var/lib/jenkins/.ssh/known_hosts. It exists in the first case, but not in the second one. This means you are running either on different system or the second case is somehow jailed in chroot or by other means separated from the rest of the filesystem (this is a good idea for running random code from jenkins).

Next steps are finding out how are the chroots for this user created and modify the known hosts inside this chroot. Or just go other ways of ignoring known hosts, such as ssh-keyscan, StrictHostKeyChecking=no or so.

Calida answered 5/10, 2020 at 2:48 Comment(0)

After ssh-keygen probably one only needs to copy the public key to remote host with:

ssh-copy-id -i ~/.ssh/mykey user@host

Chao answered 20/9, 2021 at 14:55 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++