I'm doing a integration with jenkins and github, and after it compiles the project i want to push the .exe file to github.
I already did the configurarions of SSH on my console (i'm using windows with putty to manage the ssh keys)
but when the jenkins will run the post build console command it returns me this :
If you trust this host, enter "y" to add the key to
PuTTY's cache and carry on connecting.
If you want to carry on connecting just once, without
adding the key to the cache, enter "n".
If you do not trust this host, press Return to abandon the
connection.
and still in this message for ever i want to know how o do approve this message when jenkins request this.
When logged in as the user that Jenkins runs as, use putty to manually connect to the destination and accept the request to put the key in putty's cache. If Jenkins is running as a service, go to Services and check the "Log On" tab in the Properties dialog to see who it's running as.
If you want to add the key to putty's cache manually, the key is mentioned in this superuser question.
Related
We manage several laptops that are used for emergency situations and thus are rarely used (knock on wood).
When we start up these laptops periodically to run windows updates, we also sign in with several user accounts for each laptop in order to keep the profile up to date.
Is there a way to automate the logging in of each account with a script?
For example, I could log in as administrator, run the script and the laptop would do the following:
Log out my administrator account,
sign in with useraccount 1, log out
sign in with useraccount 2, log out
sign in with useraccount 3, log out
I havent had much luck in googling this type of thing and was hoping someone here might have an idea.
I simply cant find a script that logs in with a user account.
The closest I can find is recommending auto signin but that only applies to one account and not what I need for this task.
Globally, you can't do that: it would break security if you were allowed to interact, programmatically, with the login screen.
IF it's possible, I would look to a way to do the login to remote machine through either Telnet (not recommended! but can be done with standard Windows tools) or SSH (will need a SSH server). If you can do the upgrade this way, then you're saved, in particular with SSH because you can avoid passwords' sharing through key exchange - probably won't work with domain accounts, however, but local accounts will be fine.
Otherwise, if you require to really open a Windows session, best you can do, IF your configuration allows it AND if it works (regarding the profile's update) is to connect through RDP (Remote Desktop) to each laptop, with each login.
You'll need to establish a RDP connection to each laptop from a "pilot" PC, save each connexion individually within a .rdp file, saving password inside the connection file.
Then, you can launch the connection with the command mstsc <machine+account>.rdp to establish a connection. A bit later, you can kill the connection (with either taskkill or through a pilot process / tool, I would use AutoIt for this preferably).
If password saving is an issue, then each employee should have its own set of RDP files. Through something like Autoit, in particular, you can input the password once, and fill automatically each password prompt.
The tricky part would be to know when it's time to close the remote desktop. I would try to automatically execute a command to distant computer that would reboot it once done, so your remote desktop would close automatically.
Anyway, it will be a real gas plant to implement all this in a smooth process...
I setup Remote Desktop Connection and the computer says: AzureAD\username already has access:
Very good, let's try to connect using AzureAD\username:
Unfortunately it says:
Your credential did not work. Remote machine is AAD joined. If you are
signing in to your work account, try using your work email address.
Of course it didn't work. Any idea?
To successfully connect to an AzureAD joined computer using Remote Desktop, you will need to first save your connection settings to a .rdp file.
To do this, open the Remote Desktop Connection program, enter the IP Address or computer name, then click the "Save As" button at the bottom of the screen. Save it someplace convenient, since we'll need to edit this file by hand.
Next, Right-Click the saved .rdp file and open with Notepad.
Go to the very bottom of the file, add the following lines:
enablecredsspsupport:i:0
authentication level:i:2
Save the file and close.
Now, try double clicking the modified .rdp file and login using the format:
AzureAD\YourFullUsername
Screenshots, original information and credit go to bradleyschacht.com
As an updated answer, the solution is to simply open up the options for the connection, go to the Advanced tab, and check "Use a web account to sign in to the remote computer".
As long as RDP is enabled on the remote machine and the user you are trying to logon is with authorized, it should work.
The Azure Active Directory username is not exactly clear though.
Joined computer via 'FirstName#domain.com', an Azure Active Directory domain account.
Computer shows 'AzureAD\FirstNameLastName' as authorized for RDP since it's an administrator account.
Must use 'AzureAD\FirstName#domain.com' for RDP username.
No other settings changes needed, no manual editing of RDP file just had to get the username right.
from your window, it doesn't seem like you logged in with an azuread account, try with francescomantovani#yourazureaddomain.com as a username?
as per here:https://learn.microsoft.com/en-us/windows/client-management/connect-to-remote-aadj-pc
When you connect to the remote PC, enter your account name in this
format: AzureAD UPN. The local PC must either be domain-joined or
Azure AD-joined. The local PC and remote PC must be in the same Azure
AD tenant.
For some reason the old remote desktop connection application was throwing the same error. I tried connecting through new remote desktop application( included in windows 10 ), it connected without any problem.
The issue is related to the password, which we have set at the time of the creation of VM.
That password doesn't meet the complexity criteria that we didn't get informed about while setting the username & password firstly. Therefore we need to reset the password.
1). click on created VM --> choose reset Password from the side menu.
2). This time they will tell us about constraints for setting the password.
3). Choose the appropriate password.
4). Now login via this format as below:
username : <publicIpOfVM>/<username>
password: newPassword
I have two accounts A, B both registered on the windows server 2008 R2.
There is a script in which I use pscp module of putty to transfer files from the server.
Problem being that the command runs successfully using user account A but gets stuck using account B. The command does not complete using user account B
I have to manually terminate it.
Both accounts have the below privilege in group policy and computer management.
Administrator
Logon as a batch
Replace process level token
Please help
I figured out the problem. When we use pscp alone on command prompt , this is the prompt we get
The server's host key is not cached in the registry. You have no
guarantee that the server is the computer you think it is. The
server's rsa2 key fingerprint is: ssh-rsa 1024
cc:78:13:a3:68:a6:59:7e:b8:23:2d:13:3e:66:9b:b9 If you trust this
host, enter "y" to add the key to PuTTY's cache and carry on
connecting. If you want to carry on connecting just once, without
adding the key to the cache, enter "n". If you do not trust this host,
press Return to abandon the connection. Store key in cache? (y/n)
Connection abandoned.
We need to press y/n and the command shall thereafter proceed.
While this command was running in the script , the prompt was not getting any input from the user and was therefore never ending.
To mitigate this
one can do something like this
How to pass value to psftp prompt
I use console2 in combination with git bash in order to interact with my local git repositories and by extension several github and bitbucket repositories also.
I use an ssh key pair to authenticate myself to these services, howevermy ssh key pair has an associated password.
This morning I found that I was no longer required to enter this password n my laptop in order to complete the authentication process.
I did some testing and it seems that the same key present on my desktop machine still requires me to enter my password.
So my question is.... why am I no longer required to enter my password on my laptop in order to authenticate with these servers?
Sounds like you have ssh-agent (sshagent.exe) running.
It is a small utility which allows you to enter your key's passphrase once and it then holds it "unlocked" for further use without you needing to re-enter the passphrase each time. Killing it will cause the original behaviour.
ssh-agent comes along with ssh in a standard msysgit installation. I'm not sure if something's changed that now means it's used by default or not though. Another explanation as to why it's running might be if you've installed posh-git and ran a Powershell session. By default (I believe - it's been a while), it'll run at the start of the session and ask for your key's passphrase. I use it every single day with this configuration as my passphrase is quite long... :-)
Something to do with having git-credential-winstore installed on your laptop?
I have some test code running from TeamCity. Part of my test code requires ssh with putty. This code works fine in in a command prompt (session 1) but when I run it from TeamCity (which is a process and therefore runs in session 0) I get the following alert in my test log
The servers host key does not match the one PuTTY has cached in the registry
[snip]
If you trust this host, enter "y" to add the key to PuTTY's cache and carry on connecting. If you want to carry on connecting just once, without adding the key to the cache, enter "n". If you do not trust this host, press Return to abandon the connection. Store key in cache? (y/n)
Since this is in session 0 I can't interact and hit 'y'. I can't work out why the key stored in the registry when I hit 'y' when running this the first time from session 1 doesn't stop the alert appearing in session 0.
Can anyone help me? Thanks.
Very likely there is no solution with PuTTY.
In OpenSSH you have a set of options to completely avoid the host key verification, with the drawback of lowering the security levels.
On Unix derivatives that would be:
-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
I think in Windows the second option would read "-o UserKnownHostsFile=NULL".
One possible "workaround" would be to manually start putty on the very first connection in order to get the host key in the stored cache. Subsequent calls would not require the interaction unless the host key changes (usually due to either a system re-installation or just the SSH server reinstallation).