On Wed, Apr 24, 2019 at 6:30 PM Mark Waite <mark.earl.wa...@gmail.com> wrote:
> > > On Wed, Apr 24, 2019 at 4:54 PM Mark Waite wrote: > >> >> >> On Wed, Apr 24, 2019 at 4:27 PM Randall Becker wrote: >> >>> My docker image is doing fine, but the standalone Jenkins just won't >>> authenticate with either JGit or git. It would be really nice to be able to >>> do this without docker. Is there a standard launch recipe for my situation >>> (in Ubuntu) or is SSH with passphrases just not available anymore? >>> >>> >> If ssh with passphrases is not available anymore, that is a catastrophic >> bug. I'm reasonably confident that ssh with passphrases continues to be >> available. However, I won't be able to configure the test setup until >> later this evening. My Ubuntu 16 machine is busy right now running a >> Docker image that would conflict with the native package install. >> >> > I can't duplicate the problem you're seeing. Steps I took while > attempting to duplicate the problem included: > > 1. Create a passphrase protected RSA private key (no special > characters in the passphrase, since the git client plugin is known to have > issues with special characters in the passphrase) > 2. Register the public key of that passphrase protected RSA key with > my account on bitbucket.org > 3. Update ~/.ssh/config so that ssh access to the bitbucket repository > from my account 'mwaite' will use the newly created passphrase protected > RSA private key > 4. Confirm that git clone from bitbucket.org prompts for the > passphrase for that private key and fails if I do not provide that > passphrase > 5. Confirm that git clone from bitbucket.org prompts for the > passphrase for that private key and succeeds when I provide the correct > passphrase > 6. Install Jenkins 2.164.2 on a fully patched Ubuntu 16.04 machine > using the instructions from > https://jenkins.io/doc/book/installing/#debianubuntu. I installed the > recommended plugins from the installation wizard and made no other > configuration changes (this installs and runs as the user 'jenkins', not > the user 'mwaite') > 7. Define a Jenkins credential using the passphrase protected RSA > private key > > I failed to note one subtle value in the credential definition. Since the clone url provided by bitbucket is 'g...@bitbucket.org', I defined the credential with the username 'git', not with my bitbucket username. Since my bitbucket username includes the '@' character (mark.earl.wa...@gmail.com), it is not usable as the username portion of the repository URL If the previous version of git client plugin that you were running was before git client plugin 2.7.3, then the credential may have worked even with the wrong username in the credential. There was a change made several versions of the git client ago to adapt to a change in OpenSSH. OpenSSH versions prior to 7.7 would accept an incorrect value for the username and would then override that username with the username that was embedded in the repository URL. OpenSSH versions 7.7 and later fixed that OpenSSH bug. The git client plugin had a dependency on that OpenSSH bug. I don't think that bug affects this case, since the OpenSSH version on Ubuntu 16.04 is 7.2, however, you can read about it at https://issues.jenkins-ci.org/browse/JENKINS-50573 -- Thanks! Mark Waite -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CAO49JtGH_Zwr-eQ-rkqn90YPVaWPqyHXN_qFttPOyVvADBq7zw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
