Unable to point to ssh keys in ~/.ssh on Jenkins host

Asked 30/6, 2018 at 23:54 Answered 17/12, 2018 at 2:16

Solved jenkins jenkins-plugins ssh-agent

I've installed SSH Agent Plugin to pull Git repository using SSH authentication. I'd like to use SSH keys located in system file (from the Jenkins master ~/.ssh option). It's screenshot taken from official plugin's page:

Unfortunately I don't see this option. I can select only "Enter directly". Please check out my screenshot.

Did I configure something wrong?

Odo answered 30/6, 2018 at 23:54 Comment(0)

This is a reletively recent change, explained in security advisory 440 : https://jenkins.io/security/advisory/2018-06-25/

SECURITY-440 / CVE-2018-1000601 SSH Credentials Plugin allowed the creation of SSH credentials with keys "From a file on Jenkins master". Credentials Binding Plugin 1.13 and newer allows binding SSH credentials to environment variables. In combination, these two features allow users with the permission to configure a job to read arbitrary files on the Jenkins master by creating an SSH credential referencing an arbitrary file on the Jenkins master, and binding it to an environment variable in a job.

SSH Credentials Plugin no longer supports SSH credentials from files on the Jenkins master file system, neither user-specified file paths nor ~/.ssh. Existing SSH credentials of these kinds are migrated to "directly entered" SSH credentials.

Stour answered 8/7, 2018 at 9:24 Comment(0)

That option (first screen) is from the Jenkins | Manage Jenkins | Manage Credentials global option page.

If it not visible inside a Jenkins job.

You need to enter at least one named private key, in order for a job to display the option:

Karly answered 1/7, 2018 at 0:50 Comment(6)

Hi VonC. Thanks for the answer. I don't see "Manage Credentials" under "Manage Jenkins". I see only "Configure Global Security" and "Configure Credentials". I have "Credentials Plugin" installed and based on plugin's description I should have “Manage Credentials” screen on the “Manage Jenkins". Do you know I need to configure anything else to see "Manage Credentials" option? – Odo 1/7, 2018 at 21:41

@Odo Right, I see it in my Jenkins1, not Jenkins2 – Karly 2/7, 2018 at 7:46

what do you mean by Jenkins1 and Jenkins2? Do you have two instances of Jenkins and you see "Manage Credentials" in one of them only? – Odo 6/7, 2018 at 20:25

@Odo No, I mean I have an instance of a Jenkins 1.6xx, and another server with an instance of Jenkins 2.1xx. – Karly 6/7, 2018 at 20:26

thanks, Have you configured SSH Agent Plugin on Jenkins 2? – Odo 6/7, 2018 at 21:35

@Odo No, I haven't: I'll check this next Monday. – Karly 6/7, 2018 at 21:44

I also din't see the "Manage Credentials" Options. I'm still tinkering.. see below

My current location

Jenkins > credentials > system > global credentials
its not very obvious how to get here.. so, here are some hacks/ work arounds.

global credentials link isn't very obvious.. see screen shot or type in browser the path below
YOURIP:YOURPORT/credentials/store/system/domain/_/

Once at location: you should see Add Credentials in sidebar menu or href text link "adding some credentials?"

I see 1 SSH option here. "SSH with username and Private Key"

will update results.

Evensong answered 17/12, 2018 at 2:16 Comment(0)

Recommended topics

Hot tags