Jenkins && Pipeline Public/Private Key errors

1. Jenkins  test configuration failed：

jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [prop-idm.dxctech.tk-tianxia]. Message [Auth fail]]

Solution：

run cmd as below：

[tx@prop-idm .ssh]$ cat id_rsa.pub >> authorized_keys

 

2. Pipeline failed

node('slave1') {
     stage('update idm version'){
        sshagent(credentials:['idm-version-update']){
           sh "ssh -v -o StrictHostKeyChecking=no -l tiaxia prop-idm.dxctech.tk '/home/tiaxia/workshop/VPC-IDM-service/update-version.sh ${version}' "
        }
       
    }

    stage('Push to ftp Server'){
        sh "scp /opt/mount1/jenkinsHome/workspace/Propel-IDM-Distribution2/idm-vpc-part/target/packagetmp/idm-service-1.10.0-VPC1.22/WEB-INF/lib/*.jaruftp@ec4t01705.itcs.entsvcs.net:/var/ftp/dxc-vpc-idm"
    }

}

[Pipeline] nodeRunning on ec4t01663.itcs.entsvcs.net_slave1 in /opt/mount1/jenkinsHome/workspace/update-idm-version[Pipeline] {[Pipeline] stage[Pipeline] { (update idm version)[Pipeline] sshagent[ssh-agent] Using credentials tiaxia(idm-version-update) (prop-idm.dxctech.tk)[ssh-agent] Looking for ssh-agent implementation...[ssh-agent]   Exec ssh-agent (binary ssh-agent on a remote machine)$ ssh-agentSSH_AUTH_SOCK=/tmp/ssh-3iPZUGmAul7r/agent.101746SSH_AGENT_PID=101748$ ssh-add /opt/mount1/jenkinsHome/workspace/update-idm-version@tmp/private_key_5963022477772105576.keyIdentity added: /opt/mount1/jenkinsHome/workspace/update-idm-version@tmp/private_key_5963022477772105576.key (/opt/mount1/jenkinsHome/workspace/update-idm-version@tmp/private_key_5963022477772105576.key)[ssh-agent] Started.[Pipeline] {[Pipeline] sh[update-idm-version] Running shell script+ ssh -v -o StrictHostKeyChecking=no -l tiaxia prop-idm.dxctech.tk '/home/tiaxia/workshop/VPC-IDM-service/update-version.sh 44'OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017debug1: Reading configuration data /etc/ssh/ssh_configdebug1: /etc/ssh/ssh_config line 56: Applying options for *debug1: Connecting to prop-idm.dxctech.tk [15.107.26.32] port 22.debug1: Connection established.debug1: identity file /home/jenkins/.ssh/id_rsa type 1debug1: key_load_public: No such file or directorydebug1: identity file /home/jenkins/.ssh/id_rsa-cert type -1debug1: key_load_public: No such file or directorydebug1: identity file /home/jenkins/.ssh/id_dsa type -1debug1: key_load_public: No such file or directorydebug1: identity file /home/jenkins/.ssh/id_dsa-cert type -1debug1: key_load_public: No such file or directorydebug1: identity file /home/jenkins/.ssh/id_ecdsa type -1debug1: key_load_public: No such file or directorydebug1: identity file /home/jenkins/.ssh/id_ecdsa-cert type -1debug1: key_load_public: No such file or directorydebug1: identity file /home/jenkins/.ssh/id_ed25519 type -1debug1: key_load_public: No such file or directorydebug1: identity file /home/jenkins/.ssh/id_ed25519-cert type -1debug1: Enabling compatibility mode for protocol 2.0debug1: Local version string SSH-2.0-OpenSSH_7.4debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000debug1: Authenticating to prop-idm.dxctech.tk:22 as 'tiaxia'debug1: SSH2_MSG_KEXINIT sentdebug1: SSH2_MSG_KEXINIT receiveddebug1: kex: algorithm: curve25519-sha256@libssh.orgdebug1: kex: host key algorithm: ecdsa-sha2-nistp256debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: nonedebug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: nonedebug1: kex: curve25519-sha256@libssh.org need=64 dh_need=64debug1: kex: curve25519-sha256@libssh.org need=64 dh_need=64debug1: expecting SSH2_MSG_KEX_ECDH_REPLYdebug1: Server host key: ecdsa-sha2-nistp256 SHA256:bywounkjzyPiGtoPw1397lEqKcFrm64jskiYJ3bPqkMdebug1: Host 'prop-idm.dxctech.tk' is known and matches the ECDSA host key.debug1: Found key in /home/jenkins/.ssh/known_hosts:11debug1: rekey after 134217728 blocksdebug1: SSH2_MSG_NEWKEYS sentdebug1: expecting SSH2_MSG_NEWKEYSdebug1: SSH2_MSG_NEWKEYS receiveddebug1: rekey after 134217728 blocksdebug1: SSH2_MSG_SERVICE_ACCEPT receiveddebug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,passworddebug1: Next authentication method: gssapi-keyexdebug1: No valid Key exchange contextdebug1: Next authentication method: gssapi-with-micdebug1: Unspecified GSS failure.  Minor code may provide more informationNo Kerberos credentials available (default cache: FILE:/tmp/krb5cc_25929)debug1: Unspecified GSS failure.  Minor code may provide more informationNo Kerberos credentials available (default cache: FILE:/tmp/krb5cc_25929)debug1: Next authentication method: publickeydebug1: Offering RSA public key: /opt/mount1/jenkinsHome/workspace/update-idm-version@tmp/private_key_5963022477772105576.keydebug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,passworddebug1: Offering RSA public key: /home/jenkins/.ssh/id_rsadebug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,passworddebug1: Trying private key: /home/jenkins/.ssh/id_dsadebug1: Trying private key: /home/jenkins/.ssh/id_ecdsadebug1: Trying private key: /home/jenkins/.ssh/id_ed25519debug1: Next authentication method: passworddebug1: read_passphrase: can't open /dev/tty: No such device or addressdebug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,passwordPermission denied, please try again.debug1: read_passphrase: can't open /dev/tty: No such device or address$ ssh-agent -kunset SSH_AUTH_SOCK;unset SSH_AGENT_PID;echo Agent pid 101748 killed;[ssh-agent] Stopped.debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,passwordPermission denied, please try again.debug1: read_passphrase: can't open /dev/tty: No such device or addressdebug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,passworddebug1: No more authentication methods to try.Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).[Pipeline] }[Pipeline] // sshagent[Pipeline] }[Pipeline] // stage[Pipeline] }[Pipeline] // node[Pipeline] End of PipelineERROR: script returned exit code 255Finished: FAILURE

Solution：

Add jenkins server public key to prop-idm.dxctech.tk：/home/tiaxia/.ssh/authorized_keys

3. 

 stage('Push to ftp Server'){
        sh "scp /opt/mount1/jenkinsHome/workspace/Propel-IDM-Distribution2/idm-vpc-part/target/packagetmp/idm-service-1.10.0-VPC1.22/WEB-INF/lib/*.jaruftp@ec4t01705.itcs.entsvcs.net:/var/ftp/dxc-vpc-idm"
    }

[Pipeline] { (Push to ftp Server)[Pipeline] sh[update-idm-version] Running shell script+ scp /opt/mount1/jenkinsHome/workspace/Propel-IDM-Distribution2/idm-vpc-part/target/packagetmp/idm-service-1.10.0-VPC1.22/WEB-INF/lib/idm-authn-1.10.0-VPC1.22.jar uftp@ec4t01705.itcs.entsvcs.net:/var/ftp/dxc-vpc-idmHost key verification failed.lost connection[Pipeline] }[Pipeline] // stage[Pipeline] }[Pipeline] // node[Pipeline] End of PipelineERROR: script returned exit code 1Finished: FAILURE

Solution

Check the permissions on your homedirectory, .ssh directory, and the authorized_keys file: Ifyour ssh server is running with ‘StrictModes on’, it will refuse to use yourpublic keys in the ~/.ssh/authorized_keys file. Your home directory should bewritable only by you, ~/.ssh should be 700, and authorized_keys should be 600