Jenkins issue with Git [Permission denied (publickey).] on Windows - windows

I know that thousands of topics touch my problem but I am fighting this from several days with almost zero progress ;(.
I installed Jenkins on Windows machine.
Then acquired Git plugin and the Git itself.
Everything is latest version for the day of my writing.
I was just happy to start to play with Jenkins but I failed at configuring my Bitbucket repository to be used by Job.
I set the exact path to git.exe (as it seemed the reason for initial problems) [C:\Program Files\Git\cmd\git.exe].
Then I tried accessing the repository by HTTPS with account credentials, many strange errors here so I thought let's try with SSH.
I have generated rsa keys, set the public key in the Bitbucket repository. Then I created credential configuration in Jenkins for SSH authentication with passphrase.
I have many problems here so for temporary workaround I explicitly set the value of private key.
Finaly I got to the place where I am now:
+refs/heads/*:refs/remotes/origin/*" returned status code 128:
stdout:
stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
When I try to manualy copy repository, it politely asks me about passphrase and the copy is done. When Jenkins job does it the above happens. With help of %USERNAME% and %USERDOMAIN% in the Job's script I get the same values like when I do it manually.
After plenty of hours I can say I can't use Git in Jenkins ;(
UPDATE
I don't believe that it could be so simple. As mainframer mentioned, I left passphrase empty for the whole SSH authentication and it really worked (the repository is cloned even that Jenkins still shows the same error in job's configuration page). I only wonder about any consequences of such setup, but working thing is more valuable for me now.

You mean leaving empty passphrase while generating keys and then also no passphrase config in Jenkins ssh credentials?
Yes, as Jenkins wouldn't be able to feed the passphrase to the ssh session.
But make sure the Jenkins slave service runs with your account (and not with the system account). It needs your account to find the ssh keys in %USERPROFILE%\.ssh\id_rsa(.pub)

Related

Jenkins git authentication failed with correct credentials on Windows

I'm currently using Jenkins on Windows 10, and using git as version control system.
Although I provided correct repository URL and credential, I cannot use jenkins with error below.
Failed to connect to repository : Command "git.exe ls-remote -h REPOSITORY_URL HEAD" returned status code 128:
stdout:
stderr: git#URL: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Credential and URL doesn't seems wrong, since this build success previously with same credential. The only change after successful build was one line in build script.
git config --global core.sshCommand C:/Windows/System32/OpenSSH/ssh.exe
After I success with this script, git setting keeps failed. Is there any problem with that line? And how can I fix it?
EDIT
Problem solved! For anyone who has same problem, it was problem with the system user! Since ssh key stores in each user space, jenkins cannot detect where the ssh key located. Therefore, go to 'service' in windows, and change user of jenkins service to the user who has correct ssh key. It solved my problem!
Seems there is some problem in Jenkins.
It cannot locate OpenSSH folder in System32, and so that I cannot get log with it.
That would explain why the main Jenkins controller (aka "master" in old terminology) cannot contact the Git repository (assuming an SSH URL here, with technical remote user account "git")
Try and remove that git configuration to see if the error persists: Git should fall back to its own ssh.exe, packaged with Git For Windows.
As noted by the OP, this only works if said Jenkins is run as a user account, not as the system account.
Only then will it be able to access the %USERPROFILE%\.ssh folder.

Switching my git bash credentials from virtual machine to my home system

I am about to finish a coding boot camp which had us blindly set up our git and github account info through Vagrant/putty in the beginning using SSH keys. I went ahead and downloaded cmder and set it up to launch bash on terminal open, but when I try to git push or pull, I am getting an error Permission denied(publickey). fatal: could not read from remote repository.
I have checked the username and email, and they are set to my correct credentials. Will the fact that I made the SSH keys while logged in to the schools Vagrant system cause issues, and if so, is there a way to strip and reset my SSH keys or switch my git to use HTTPS credentials to log in?
I've done a good bit of googling and only come across ways to install and setup git bash, which I've of course already done. Thanks in advance for any help.
One benefit of using SSH keys over your username and password is that you can have separate keys for each machine you'll log into GitHub with. Don't transfer the keys; just generate new ones for your home machine, and disable the old VM keys on GitHub's end.

Need help setting up a git server on windows

i'm trying to set up a git server on Windows, but i'm having some issues getting it all to work.
I have locally created a normal repository, and remotely i created a bare repository. On the local repository i added a single text file and committed it, but when I try to push it into the remote repository I always get the following message:
fatal: protocol error: bad line length character: fata
I searched SO and other sources, and most of them suggest it's an issue regarding command echos. I'm using freeSSHd as a SSH solution (remote repository is hosted on a windows server), and I tried to use both the git bash and the windows CMD as a command shell.
I start CMD with /Q to disable echoing and /K to change directory to a directory where repositories are located, so I don't think that would be a problem.
Using the remote desktop, i can clone the repository to a folder next to it, and using the git bash locally i can access the SSH shell and also clone the repository in the same way. But using git clone ssh://<address>:/myRepo.git I always get the above message (The SSH's working folder is the same where the repository is located). Does anyone have any idea what's going on? How can I see what command is triggering the error, and how can I see the full error message?
I also met the same error using freeSSHd as a ssh solution for git server on Windows. I couldn't find a solution for a whole day and gave up. :(
Later I found another powerful ssh server from Bitvise called WinSSHD worked well. It has free version for personal use. I suggest you to switch to it. Though I'd also like to know if there's a fix to the error we both met.
To setup ssh server with WinSSHD is quite simple, and you can add virtual accounts with private/public key access.
The key part is to setup the ssh access for git server. Please follow the steps of the blog here.
It should work well for Windows git client. For Mac, you may meet an error as follows.
grp.sh: No such file or directory
fatal: Could not read from remote repository.
To fix it, you need to create the two files gup.sh and grp.sh in your git bin directory (GIT_PATH/bin or GIT_PATH/libexec/git-core configured in system environment variable PATH) in your git server.
The content of gup.sh:
git-upload-pack.exe $*
The content of grp.sh:
git-receive-pack.exe $*

Configure Jenkins to use GIT On Windows, Got stderr: Permission denied (publickey)

My Git version is 1.8.0, for this version, the Git installation path in Jenkins is C:\Git\cmd\git.exe (in older versions, it is C:\Git\cmd\git.cmd). This solves the problem that I had: error deleting workspace. In Jenkins, Git repository URL uses the ssh protocol: git#github.com:xxxxx/xxx.git, for me, this URL works. If your key can't be found, this URL will return an error, you need to define %HOME%, then your key should be in %HOME%.ssh. then I started to build. When I built it, I got:
stdout: Cloning into 'C:\Jenkins\workspace\Lily'...
stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
at hudson.plugins.git.GitAPI.launchCommandIn(GitAPI.java:897)
at hudson.plugins.git.GitAPI.access$000(GitAPI.java:42)
I don't understand why Jenkins can find my key for the repository URL, but can't find my key when it clones the repository.
Any help will be greatly appreciated.
My company has a proxy server, for me, to use SSH protocol is very difficult, it may have a way to solve the combination of a proxy server and ssh-to-github, but I gave up. In stead, I used https protocol. In order not to prompt credentials for Jenkins, I used github credential cache to solve this. Check here for credential cache: http://www.kernel.org/pub/software/scm/git/docs/git-credential-cache.html. Now my Jenkins/Git build works in Windows.

Problem cloning / fetching repository using Git plugin for Hudson on Windows

Before anybody shoots me down for this - I have already checked every appropriate thread and still not found a solution to my problem.
I have Hudson with git plugin installed on windows server (not my choice) and Hudson runs as a service. Git/bin is on the path. However I cannot clone the repository. Here is a shortened display of the console output:
Started by user anonymous
Checkout:workspace / C:\.hudson\jobs\sdf\workspace - hudson.remoting.LocalChannel#65394b
Last Built Revision: Revision 74200b32314231a5efdadd87bf36b42ec145c720 (origin/master)
Checkout:workspace / C:\.hudson\jobs\sdf\workspace - hudson.remoting.LocalChannel#65394b
Fetching changes from the remote Git repository
Fetching upstream changes from ssh://git.mccannlondon.co.uk/git/mccann_admin
[workspace] $ "C:\Program Files\Git\bin\git.exe" fetch -t ssh://git.mccannlondon.co.uk/git/mccann_admin +refs/heads/*:refs/remotes/origin/*
The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
The server's rsa2 key fingerprint is:
ssh-rsa 2048 f1:48:2a:0a:d9:18:cf:2e:f2:8c:b3:25:7f:34:d5:34
Connection abandoned.
fatal: The remote end hung up unexpectedly
ERROR: Problem fetching from origin / origin - could be unavailable. Continuing anyway
So it seems I need to authenticate the host however I'm not sure why hudson is starting the job as user anonymous when I have set the Administrator as owner of the hudson service.
Does anyone know:
a) how to change hudson's run user? or
b) connect to the remove computer with the same user account as hudson uses as to allow hudson to fetch?
If this has been posted before apologies but I spent a good few hours searching around and couldn't find anything.
Thanks
Lewis
This may be related to the question Git, Can’t clone repo on windows
The problem is that MSysGit starts PLink in the background, i.e. the terminal is not actually connected to the input of PLink. That means that you simply can't type anything into PLink.
You simply have to connect to the server once using PLink or PuTTY, answer Yes and from then on, you won't be asked again.
The tutorial from cletus can be helpful as well.
A good description of the issue can be found in this blog entry
the problem is that Hudson is a service and runs under the user "Local Service Account".
The next step is to add the trace manually the cache (a file) because I know you can do in Linux.
Wrong again, Windows does not have this cache as a file but uses the registry.
Searching in the register found an entry for my user (who had previously accessed the repository and added to the cache footprint) where the trace was stored and copied to HKEY_USERS so that users can access it.
The entry goes like this:
Key Name: HKEY_USERS\.DEFAULT\Software\SimonTatham\PuTTY\SshHostKeys
Class Name: NO CLASS
Last Write Time: 23.01.2009 - 18:35
Value 0
Name: dss#22:bla_bla.com
Type: REG_SZ
Data: 0xb477b...
From the command line, you can easily add the key as follows:
reg add HKEY_USERS\.DEFAULT\Software\SimonTatham\PuTTY\SshHostKeys /v dss#22:bla_bla.com /d 0xb477b...
Now Hudson, run as a service, go happily and smoothly to the repository where the code.
The 'started by anonymous' is telling you which Hudson user started the job. If you haven't created any Hudson users, then everything is started by 'anonymous'
It is not related to which OS user is executing the process.
You asked how to change the user that Hudson runs as: you need to edit the service (Control Panel->Administrative Tools->Services, double click the Hudson service and change the "Log On" to "This account").
Once the account is setup I make sure that the git server is in MINGW's (Git Bash's) ~hudson/.ssh/known_hosts, and that there's a ~hudson/.ssh/identity file in place. The only warning I have is that if you have cygwin installed on the box you need to make sure that %CYGWIN% is empty, otherwise you'll see key permission errors in the Hudson logs. My recommendation is that you simply set the CYGWIN environment variable to empty in Hudson.
I meet the same problem and after check git plugin, http://wiki.hudson-ci.org/display/HUDSON/Git+Plugin
It is stated to change the git path to /usr/bin/git in Global setting and config the git username
And it fixes my problem
Hope it works for you as well, by the way, I use ubuntu, but it should be the same

Resources